An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
References
Link | Resource |
---|---|
https://github.com/uriparser/uriparser/issues/122 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/uriparser/uriparser/pull/124 | Exploit Patch Third Party Advisory |
https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/ | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/ | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/ | Mailing List Third Party Advisory |
https://www.debian.org/security/2022/dsa-5063 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2022-01-05 20:15
Updated : 2022-02-04 18:36
NVD link : CVE-2021-46142
Mitre link : CVE-2021-46142
JSON object : View
CWE
CWE-416
Use After Free
Products Affected
fedoraproject
- extra_packages_for_enterprise_linux
- fedora
opensuse
- backports
- leap
- factory
debian
- debian_linux
uriparser_project
- uriparser