[SECURITY] Fedora 43 Update: uriparser-1.0.2-1.fc43

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

Amazon Linux 2023 : php8.5, php8.5-bcmath, php8.5-cli (ALAS2023-2026-1733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1733 advisory. uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer...

Fedora 43 : uriparser (2026-aa5877c5ba)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa5877c5ba advisory. Update to uriparser-1.0.2. ---- Update to uriparser-1.0.1. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Important: php8.5

Issue Overview: uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer difference truncation to int in various places. CVE-2026-44927 In uriparser before 1.0.2, t...

Astra Linux - уязвимость в uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryMallocExMm function in UriQuery.c has an integer overflow due to the use of a long string...

Astra Linux - уязвимость в uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryEngine in UriQuery.c has an integer overflow due to long keys or values, resulting in a buffer overflow...

Astra Linux - уязвимость в uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax...

OESA-2026-2301 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

Fedora 42 : uriparser (2026-593d463bbf)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-593d463bbf advisory. Update to uriparser-1.0.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

OESA-2026-2230 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

OESA-2026-2229 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

SUSE CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

SUSE CVE-2026-44928

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

Unity Linux 20.1060e / 20.1070e Security Update: uriparser (UTSA-2026-017363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017363 advisory. An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. Tenable has extracted the preceding description block...

Unity Linux 20.1060e / 20.1070e Security Update: uriparser (UTSA-2026-017362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017362 advisory. An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Tenable has extracted the preceding...

EUVD-2026-28537

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

EUVD-2026-28536

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...

Numeric Truncation Error

Overview Affected versions of this package are vulnerable to Numeric Truncation Error due to pointer difference truncation to int in multiple locations. An attacker can cause incorrect memory calculations by providing specially crafted input. Remediation A fix was pushed into the master branch bu...

CVE-2026-44928

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal...

CVE-2026-44927

In uriparser before 1.0.2, there is pointer difference truncation to int in various places...