Описание
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.8.4-1+deb9u2build0.18.04.1 |
| cosmic | ignored | end of life |
| devel | not-affected | 0.9.3-2 |
| disco | released | 0.9.0-1 |
| eoan | not-affected | 0.9.3-2 |
| esm-apps/bionic | released | 0.8.4-1+deb9u2build0.18.04.1 |
| esm-apps/focal | not-affected | 0.9.3-2 |
| esm-apps/jammy | not-affected | 0.9.3-2 |
| esm-apps/xenial | released | 0.8.4-1ubuntu0.16.04.1~esm1 |
| esm-infra-legacy/trusty | released | 0.7.5-1ubuntu2+esm1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows a ...
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
Уязвимость функции uriComposeQuery парсера Uriparser, связанная с записью за границами буфера памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
7.5 High
CVSS2
9.8 Critical
CVSS3