Download
| Alert*
oval:org.secpod.oval:def:704796
liburiparser1 is installed oval:org.secpod.oval:def:78159 Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers , which may result in denial of service or potentially in the the execution of arbitrary code. oval:org.secpod.oval:def:707630 uriparser: Strictly RFC 3986 compliant URI parsing library uriparser could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:605774 Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers , which may result in denial of service or potentially in the the execution of arbitrary code. oval:org.secpod.oval:def:88505 uriparser: Strictly RFC 3986 compliant URI parsing library uriparser could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:1900697 An issue was discovered in liburiparser1 before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function. oval:org.secpod.oval:def:1901324 An issue was discovered in liburiparser1 before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the "&" character is mishandled in certain contexts. oval:org.secpod.oval:def:1901359 An issue was discovered in liburiparser1 before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication. oval:org.secpod.oval:def:1902128 URI_FUNC in UriParse.c in liburiparser1 before 0.9.1 has an out-of-bounds read for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. |