CVE-2024-34402

Опубликовано: 03 мая 2024

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 8.6

Описание

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

Релиз	Статус	Примечание
devel	not-affected	0.9.8+dfsg-2
esm-apps/bionic	released	0.8.4-1+deb9u2ubuntu0.1+esm1
esm-apps/focal	released	0.9.3-2ubuntu0.1~esm3
esm-apps/jammy	released	0.9.6+dfsg-1ubuntu0.1~esm1
esm-apps/noble	released	0.9.7+dfsg-2ubuntu0.1~esm1
esm-apps/xenial	released	0.8.4-1ubuntu0.16.04.1~esm4
esm-infra-legacy/trusty	released	0.7.5-1ubuntu2+esm4
focal	ignored	end of standard support, was needed
jammy	needed
mantic	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 46%

0.00231

Низкий

8.6 High

CVSS3

Связанные уязвимости

CVE-2024-34402

CVSS3: 5.5

redhat

больше 1 года назад

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

CVE-2024-34402

CVSS3: 8.6

nvd

больше 1 года назад

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

CVE-2024-34402

CVSS3: 8.6

msrc

6 месяцев назад

Описание отсутствует

CVE-2024-34402

CVSS3: 8.6

debian

больше 1 года назад

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine ...

GHSA-hwpw-xpj3-c397

CVSS3: 8.6

github

больше 1 года назад

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

EPSS

Процентиль: 46%

0.00231

Низкий

8.6 High

CVSS3

CVE-2024-34402

Описание

Пакет uriparser

Ссылки на источники

Связанные уязвимости