CVE-2018-20721

Published: Jan 16, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[debian-lts-announce] 20190218 [SECURITY] [DLA 1682-1] uriparser security update

mailing-list

x_refsource_MLIST

https://github.com/uriparser/uriparser/commit/cef25028de5ff872c2e1f0a6c562eb3ea9ecbce4

x_refsource_CONFIRM

https://github.com/uriparser/uriparser/blob/master/ChangeLog

x_refsource_CONFIRM

[debian-lts-announce] 20211130 [SECURITY] [DLA 2834-1] uriparser security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20721

Description

Affected Products

References