---

Log

CVE-2021-46142 edited at 10 Aug 2022 19:53:21
References	https://github.com/uriparser/uriparser/issues/122 - https://github.com/uriparser/uriparser/pull/124

CVE-2021-46142 edited at 10 Aug 2022 19:52:15
Remote	- Unknown + Local
Type	- Unknown + Denial of service
Description	- invalid free operations in uriNormalizeSyntax + uriNormalizeSyntax may free stack memory in out-of-memory situation when handling URIs containing empty segments
References	https://github.com/uriparser/uriparser/issues/122 + https://github.com/uriparser/uriparser/pull/124

AVG-2788 edited at 10 Aug 2022 18:36:19
Severity	- Unknown + High

CVE-2022-34265 edited at 10 Aug 2022 18:36:19
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Sql injection

CVE-2022-34265 edited at 10 Aug 2022 18:35:37
Description	+ Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value
References
Notes	+ Applications that constrain the lookup name and kind choice to a known safe list are unaffected

AVG-2785 edited at 09 Aug 2022 16:39:10
Status	- Vulnerable + Fixed

CVE-2021-46141 edited at 03 Aug 2022 21:11:35
Severity	- Unknown + Medium
Description	+ invalid free operations in uriFreeUriMembers and uriMakeOwner

AVG-2794 edited at 03 Aug 2022 21:11:07
Severity	- Unknown + Medium

CVE-2021-46142 edited at 03 Aug 2022 21:11:07
Severity	- Unknown + Medium
Description	+ invalid free operations in uriNormalizeSyntax

AVG-2794 edited at 03 Aug 2022 21:09:27
References	https://github.com/uriparser/uriparser/pull/124 + https://github.com/uriparser/uriparser/commit/cd6070c92f3bab157139c35ff4841054afaa67ef

CVE-2021-46141 edited at 03 Aug 2022 21:09:08
Description
References	+ https://github.com/uriparser/uriparser/issues/121
Notes

CVE-2021-46142 edited at 03 Aug 2022 21:09:05
Description
References	+ https://github.com/uriparser/uriparser/issues/122
Notes