Описание
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
Ссылки
- Release Notes
- Patch
- Third Party Advisory
- Release Notes
- Patch
- Third Party Advisory
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows a ...
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
Уязвимость функции uriComposeQuery парсера Uriparser, связанная с записью за границами буфера памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2