Medium severity5.1NVD Advisory· Published Apr 27, 2026· Updated May 18, 2026
CVE-2026-42371
CVE-2026-42371
Description
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/uriparser&distro=openSUSE%20Tumbleweed
< 8.5.6-1.1+ 1 more
- (no CPE)range: < 8.5.6-1.1
- (no CPE)range: < 1.0.2-1.1
Patches
Vulnerability mechanics
References
3- github.com/uriparser/uriparser/pull/298nvdIssue TrackingPatch
- www.openwall.com/lists/oss-security/2026/04/27/2nvdMailing ListThird Party Advisory
- uriparser.github.ionvdProduct
News mentions
0No linked articles in our index yet.