Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-1682-1:C2FB8
HistoryFeb 18, 2019 - 9:15 p.m.

[SECURITY] [DLA 1682-1] uriparser security update

2019-02-1821:15:18
lists.debian.org
91

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.3%

JSON

Package : uriparser
Version : 0.8.0.1-2+deb8u2
CVE ID : CVE-2018-20721

Joergen Ibsen reported an issue with uriparser, a URI parsing library
compliant with RFC 3986.

An Out-of-bounds read for incomplete URIs with IPv6 addresses with
embedded IPv4 address, e.g. "//[::44.1", were possible.

For Debian 8 "Jessie", this problem has been fixed in version
0.8.0.1-2+deb8u2.

We recommend that you upgrade your uriparser packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian8armhfliburiparser1< 0.8.0.1-2+deb8u2liburiparser1_0.8.0.1-2+deb8u2_armhf.deb
Debian8alluriparser< 0.8.0.1-2+deb8u2uriparser_0.8.0.1-2+deb8u2_all.deb
Debian9arm64liburiparser-dev< 0.8.4-1+deb9u2liburiparser-dev_0.8.4-1+deb9u2_arm64.deb
Debian9armhfliburiparser1< 0.8.4-1+deb9u2liburiparser1_0.8.4-1+deb9u2_armhf.deb
Debian9armelliburiparser-dev< 0.8.4-1+deb9u2liburiparser-dev_0.8.4-1+deb9u2_armel.deb
Debian8armelliburiparser-dev< 0.8.0.1-2+deb8u2liburiparser-dev_0.8.0.1-2+deb8u2_armel.deb
Debian9i386liburiparser-dev< 0.8.4-1+deb9u2liburiparser-dev_0.8.4-1+deb9u2_i386.deb
Debian8amd64liburiparser1< 0.8.0.1-2+deb8u2liburiparser1_0.8.0.1-2+deb8u2_amd64.deb
Debian8i386liburiparser-dev< 0.8.0.1-2+deb8u2liburiparser-dev_0.8.0.1-2+deb8u2_i386.deb
Debian9amd64liburiparser-dev< 0.8.4-1+deb9u2liburiparser-dev_0.8.4-1+deb9u2_amd64.deb
Rows per page:
1-10 of 211

Related

nessus 6
osv 5
debian 1
ubuntucve 1
debiancve 1
cve 1
prion 1
veracode 1
redhatcve 1
openvas 5
suse 2
ubuntu 2
nessus
nessus
Debian DLA-1682-1 : uriparser security update
2019-02-19 00:00:00
Debian DLA-2834-1 : uriparser - LTS security update
2021-12-01 00:00:00
openSUSE Security Update : uriparser (openSUSE-2019-165)
2019-02-14 00:00:00
osv
osv
uriparser - security update
2019-02-18 00:00:00
uriparser - security update
2021-11-30 00:00:00
CVE-2018-20721
2019-01-16 14:29:00
debian
debian
[SECURITY] [DLA 2834-1] uriparser security update
2021-11-30 23:31:17
ubuntucve
ubuntucve
CVE-2018-20721
2019-01-16 00:00:00
debiancve
debiancve
CVE-2018-20721
2019-01-16 14:29:00
cve
cve
CVE-2018-20721
2019-01-16 14:29:00
prion
prion
Out-of-bounds
2019-01-16 14:29:00
veracode
veracode
Arbitrary Code Execution
2021-07-14 05:37:07
redhatcve
redhatcve
CVE-2018-20721
2019-01-16 16:19:54
openvas
openvas
Debian: Security Advisory (DLA-1682-1)
2019-02-18 00:00:00
Debian: Security Advisory (DLA-2834-1)
2021-12-01 00:00:00
Ubuntu: Security Advisory (USN-5172-1)
2021-12-07 00:00:00
suse
suse
Security update for uriparser (low)
2019-02-13 00:00:00
Security update for uriparser (low)
2019-02-13 00:00:00
ubuntu
ubuntu
uriparser vulnerability
2021-12-09 00:00:00
uriparser vulnerabilities
2021-12-06 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

60.3%

JSON
Related for DEBIAN:DLA-1682-1:C2FB8
nessus6osv5debian1ubuntucve1debiancve1cve1prion1veracode1redhatcve1openvas5suse2ubuntu2