5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
45.7%
Upstream project reports:
Fix a bug affecting both uriNormalizeSyntax* and uriMakeOwner*
functions where the text range in .hostText would not be duped using
malloc but remain unchanged (and hence “not owned”) for URIs with
an IPv4 or IPv6 address hostname; depending on how an application
uses uriparser, this could lead the application into a use-after-free
situation.
As the second half, fix uriFreeUriMembers* functions that would not
free .hostText memory for URIs with an IPv4 or IPv6 address host;
also, calling uriFreeUriMembers* multiple times on a URI of this
very nature would result in trying to free pointers to stack
(rather than heap) memory.
Fix functions uriNormalizeSyntax* for out-of-memory situations
(i.e. malloc returning NULL) for URIs containing empty segments
(any of user info, host text, query, or fragment) where previously
pointers to stack (rather than heap) memory were freed.
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
45.7%