Unrated severityOSV Advisory· Published Jan 16, 2019· Updated Aug 5, 2024
CVE-2018-20721
CVE-2018-20721
Description
URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/uriparser&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/uriparser&distro=openSUSE%20Tumbleweedpkg:rpm/suse/uriparser&distro=SUSE%20Package%20Hub%2015
< 0.8.5-lp150.2.3.1+ 2 more
- (no CPE)range: < 0.8.5-lp150.2.3.1
- (no CPE)range: < 0.9.5-1.2
- (no CPE)range: < 0.8.5-bp150.2.3.1
Patches
Vulnerability mechanics
References
4- github.com/uriparser/uriparser/blob/master/ChangeLogmitrex_refsource_CONFIRM
- github.com/uriparser/uriparser/commit/cef25028de5ff872c2e1f0a6c562eb3ea9ecbce4mitrex_refsource_CONFIRM
- lists.debian.org/debian-lts-announce/2019/02/msg00028.htmlmitremailing-listx_refsource_MLIST
- lists.debian.org/debian-lts-announce/2021/11/msg00029.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.