Описание
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
A flaw was found in uriparser. This vulnerability allows unbounded recursion and stack consumption via large input containing many commas.
Отчет
This vulnerability is rated Low for Red Hat because it requires local access and a specially crafted URI to trigger unbounded recursion, leading to stack consumption. The attack complexity is high, limiting its practical impact in most Red Hat deployments.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | uriparser | Out of support scope | ||
| Red Hat Enterprise Linux AI (RHEL AI) 3 | uriparser | Fix deferred |
Показывать по
Дополнительная информация
Статус:
2.9 Low
CVSS3
Связанные уязвимости
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
uriparser through 0.9.9 allows unbounded recursion and stack consumpti ...
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
2.9 Low
CVSS3