Описание
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParseEx functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.8.4-1+deb9u2build0.18.04.1 |
| cosmic | not-affected | 0.9.1-1 |
| devel | not-affected | 0.9.1-1 |
| disco | not-affected | 0.9.1-1 |
| eoan | not-affected | 0.9.1-1 |
| esm-apps/bionic | released | 0.8.4-1+deb9u2build0.18.04.1 |
| esm-apps/focal | not-affected | 0.9.1-1 |
| esm-apps/jammy | not-affected | 0.9.1-1 |
| esm-apps/xenial | released | 0.8.4-1ubuntu0.16.04.1~esm2 |
| esm-infra-legacy/trusty | released | 0.7.5-1ubuntu2+esm2 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bound ...
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
Уязвимость функции URI_FUNC() компонента UriParse.c парсера Uriparser, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
7.5 High
CVSS2
9.8 Critical
CVSS3