Lucene search
AmazonALAS-2024-2546HistoryMay 23, 2024 - 10:04 p.m.
Medium: uriparser
2024-05-2322:04:00
alas.aws.amazon.com
2
uriparser
integer overflow
buffer overflow
cve-2024-34402
cve-2024-34403
amazon linux 2
update
red hat
mitre
unix
Issue Overview:
An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow. (CVE-2024-34402)
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string. (CVE-2024-34403)
Affected Packages:
uriparser
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update uriparser to update your system.
New Packages:
aarch64:
uriparser-0.7.5-10.amzn2.0.3.aarch64
uriparser-devel-0.7.5-10.amzn2.0.3.aarch64
uriparser-debuginfo-0.7.5-10.amzn2.0.3.aarch64
i686:
uriparser-0.7.5-10.amzn2.0.3.i686
uriparser-devel-0.7.5-10.amzn2.0.3.i686
uriparser-debuginfo-0.7.5-10.amzn2.0.3.i686
src:
uriparser-0.7.5-10.amzn2.0.3.src
x86_64:
uriparser-0.7.5-10.amzn2.0.3.x86_64
uriparser-devel-0.7.5-10.amzn2.0.3.x86_64
uriparser-debuginfo-0.7.5-10.amzn2.0.3.x86_64
Additional References
Red Hat: CVE-2024-34402, CVE-2024-34403
Mitre: CVE-2024-34402, CVE-2024-34403
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 2 | aarch64 | uriparser | < 0.7.5-10.amzn2.0.3 | uriparser-0.7.5-10.amzn2.0.3.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | uriparser-devel | < 0.7.5-10.amzn2.0.3 | uriparser-devel-0.7.5-10.amzn2.0.3.aarch64.rpm |
| Amazon Linux | 2 | aarch64 | uriparser-debuginfo | < 0.7.5-10.amzn2.0.3 | uriparser-debuginfo-0.7.5-10.amzn2.0.3.aarch64.rpm |
| Amazon Linux | 2 | i686 | uriparser | < 0.7.5-10.amzn2.0.3 | uriparser-0.7.5-10.amzn2.0.3.i686.rpm |
| Amazon Linux | 2 | i686 | uriparser-devel | < 0.7.5-10.amzn2.0.3 | uriparser-devel-0.7.5-10.amzn2.0.3.i686.rpm |
| Amazon Linux | 2 | i686 | uriparser-debuginfo | < 0.7.5-10.amzn2.0.3 | uriparser-debuginfo-0.7.5-10.amzn2.0.3.i686.rpm |
| Amazon Linux | 2 | x86_64 | uriparser | < 0.7.5-10.amzn2.0.3 | uriparser-0.7.5-10.amzn2.0.3.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | uriparser-devel | < 0.7.5-10.amzn2.0.3 | uriparser-devel-0.7.5-10.amzn2.0.3.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | uriparser-debuginfo | < 0.7.5-10.amzn2.0.3 | uriparser-debuginfo-0.7.5-10.amzn2.0.3.x86_64.rpm |
Related
fedora
fedora
[SECURITY] Fedora 40 Update: uriparser-0.9.8-1.fc40
2024-05-21 01:18:31
[SECURITY] Fedora 38 Update: uriparser-0.9.8-1.fc38
2024-05-14 01:33:38
[SECURITY] Fedora 39 Update: uriparser-0.9.8-1.fc39
2024-05-14 03:28:42
openvas
openvas
Fedora: Security Advisory for uriparser (FEDORA-2024-410d4ecabe)
2024-05-27 00:00:00
Fedora: Security Advisory for uriparser (FEDORA-2024-a7b8b6bfe2)
2024-05-27 00:00:00
Fedora: Security Advisory for uriparser (FEDORA-2024-40e8512956)
2024-05-27 00:00:00
nessus
nessus
Fedora 38 : uriparser (2024-410d4ecabe)
2024-05-14 00:00:00
Amazon Linux 2 : uriparser (ALAS-2024-2546)
2024-05-31 00:00:00
Fedora 39 : uriparser (2024-40e8512956)
2024-05-14 00:00:00
redhatcve
redhatcve
CVE-2024-34403
2024-05-03 07:23:03
CVE-2024-34402
2024-05-03 07:22:53
ubuntucve
ubuntucve
CVE-2024-34403
2024-05-03 00:00:00
CVE-2024-34402
2024-05-03 00:00:00
debiancve
debiancve
CVE-2024-34403
2024-05-03 01:15:48
CVE-2024-34402
2024-05-03 01:15:48
vulnrichment
vulnrichment
CVE-2024-34402
2024-05-03 00:00:00
CVE-2024-34403
2024-05-03 00:00:00
cvelist
cvelist
CVE-2024-34403
2024-05-03 00:00:00
CVE-2024-34402
2024-05-03 00:00:00
osv
osv
CVE-2024-34402
2024-05-03 01:15:48
CVE-2024-34403
2024-05-03 01:15:48
alpinelinux
alpinelinux
CVE-2024-34403
2024-05-03 01:15:48
CVE-2024-34402
2024-05-03 01:15:48
nvd
nvd
CVE-2024-34403
2024-05-03 01:15:48
CVE-2024-34402
2024-05-03 01:15:48
cve
cve
CVE-2024-34402
2024-05-03 01:15:48
CVE-2024-34403
2024-05-03 01:15:48
veracode
veracode
Integer Overflow
2024-05-06 06:25:53
Integer Overflow
2024-05-06 06:24:49