Uriparser Uriparserproject Uriparser

Do you want an email whenever new security vulnerabilities are reported in Uriparserproject Uriparser?

By the Year

In 2022 there have been 2 vulnerabilities in Uriparserproject Uriparser with an average score of 5.5 out of ten. Uriparser did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 2 5.50
2021 0 0.00
2020 0 0.00
2019 1 9.80
2018 3 9.03

It may take a day or so for new Uriparser vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Uriparserproject Uriparser Security Vulnerabilities

An issue was discovered in uriparser before 0.9.6

CVE-2021-46142 5.5 - Medium - January 06, 2022

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

Dangling pointer

An issue was discovered in uriparser before 0.9.6

CVE-2021-46141 5.5 - Medium - January 06, 2022

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

Dangling pointer

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address

CVE-2018-20721 9.8 - Critical - January 16, 2019

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.

Out-of-bounds Read

An issue was discovered in uriparser before 0.9.0

CVE-2018-19198 9.8 - Critical - November 12, 2018

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.

Memory Corruption

An issue was discovered in uriparser before 0.9.0

CVE-2018-19199 9.8 - Critical - November 12, 2018

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.

Integer Overflow or Wraparound

An issue was discovered in uriparser before 0.9.0

CVE-2018-19200 7.5 - High - November 12, 2018

An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.

NULL Pointer Dereference

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by Uriparserproject? Click the Watch button to subscribe.

subscribe