Описание
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 0.22.5-2 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 0.22.5-2 |
| hardy | released | 0.22.5-2 |
| intrepid | released | 0.22.5-2 |
| jaunty | released | 0.22.5-2 |
| karmic | released | 0.22.5-2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | DNE | |
| edgy | not-affected | |
| feisty | not-affected | |
| gutsy | not-affected | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 0.26.3-1 |
| edgy | DNE | |
| feisty | released | 0.26.3-1 |
| gutsy | released | 0.26.3-1 |
| hardy | released | 0.26.3-1 |
| intrepid | released | 0.26.3-1 |
| jaunty | released | 0.26.3-1 |
| karmic | released | 0.26.3-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
7.8 High
CVSS2
Связанные уязвимости
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
Array index error in the uri_lookup function in the URI parser for neo ...
Array index error in the uri_lookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service (crash) via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error that generates a negative index.
EPSS
7.8 High
CVSS2