Log

CVE-2021-46142 edited at 10 Aug 2022 19:53:21
References
https://github.com/uriparser/uriparser/issues/122
- https://github.com/uriparser/uriparser/pull/124
CVE-2021-46142 edited at 10 Aug 2022 19:52:15
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
- invalid free operations in uriNormalizeSyntax
+ uriNormalizeSyntax may free stack memory in out-of-memory situation when handling URIs containing empty segments
References
https://github.com/uriparser/uriparser/issues/122
+ https://github.com/uriparser/uriparser/pull/124
AVG-2788 edited at 10 Aug 2022 18:36:19
Severity
- Unknown
+ High
CVE-2022-34265 edited at 10 Aug 2022 18:36:19
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Sql injection
CVE-2022-34265 edited at 10 Aug 2022 18:35:37
Description
+ Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value
References
Notes
+ Applications that constrain the lookup name and kind choice to a known safe list are unaffected
AVG-2785 edited at 09 Aug 2022 16:39:10
Status
- Vulnerable
+ Fixed
CVE-2021-46141 edited at 03 Aug 2022 21:11:35
Severity
- Unknown
+ Medium
Description
+ invalid free operations in uriFreeUriMembers and uriMakeOwner
AVG-2794 edited at 03 Aug 2022 21:11:07
Severity
- Unknown
+ Medium
CVE-2021-46142 edited at 03 Aug 2022 21:11:07
Severity
- Unknown
+ Medium
Description
+ invalid free operations in uriNormalizeSyntax
AVG-2794 edited at 03 Aug 2022 21:09:27
References
https://github.com/uriparser/uriparser/pull/124
+ https://github.com/uriparser/uriparser/commit/cd6070c92f3bab157139c35ff4841054afaa67ef
CVE-2021-46141 edited at 03 Aug 2022 21:09:08
Description
References
+ https://github.com/uriparser/uriparser/issues/121
Notes
CVE-2021-46142 edited at 03 Aug 2022 21:09:05
Description
References
+ https://github.com/uriparser/uriparser/issues/122
Notes