Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryEngine in UriQuery.c has an integer overflow due to long keys or values, resulting in a buffer overflow...

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryMallocExMm function in UriQuery.c has an integer overflow due to the use of a long string...

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : uriparser vulnerability (USN-8409-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8409-1 advisory. It was discovered that uriparser incorrectly handled certain URI strings. An attacker could possibly u...

openSUSE 16 Security Update : uriparser (openSUSE-SU-2026:20910-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20910-1 advisory. This update for uriparser fixes the following issue: - CVE-2025-67899: unbounded recursion and stack consumption bsc1255000. Tenable has extracted the...

USN-8409-1 uriparser vulnerability

It was discovered that uriparser incorrectly handled certain URI strings. An attacker could possibly use this issue to cause uriparser to crash, resulting in a denial of service...

USN-8409-1: uriparser vulnerability

It was discovered that uriparser incorrectly handled certain URI strings. An attacker could possibly use this issue to cause uriparser to crash, resulting in a denial of service...

Security update for uriparser (moderate)

openSUSE security update: security update for uriparser ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20910-1 Rating: moderate References: bsc1255000 Cross-References: CVE-2025-67899 CVSS scores: CVE-2025-67899 SUSE : 4...

CVE-2026-44928

A flaw was found in uriparser. The EqualsUri function can incorrectly identify distinct Uniform Resource Identifiers URIs as identical. This misclassification can lead to improper URI handling within applications that use uriparser, potentially compromising data integrity. Mitigation Mitigation f...

CVE-2026-44927

A flaw was found in uriparser. This vulnerability involves pointer difference truncation, where calculations involving memory addresses are incorrectly shortened. This could lead to minor data integrity issues within the application. Exploitation of this flaw requires local access to the system a...

OPENSUSE-SU-2026:20910-1 Security update for uriparser

This update for uriparser fixes the following issue: - CVE-2025-67899: unbounded recursion and stack consumption bsc1255000...

PHP 8.5.x < 8.5.7 Multiple Vulnerabilities

The version of PHP installed on the remote host is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.5.7 advisory. - In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. CVE-2026-44928 - In uriparse...

[SECURITY] Fedora 43 Update: uriparser-1.0.2-1.fc43

Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license...

Fedora 43 : uriparser (2026-aa5877c5ba)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aa5877c5ba advisory. Update to uriparser-1.0.2. ---- Update to uriparser-1.0.1. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Amazon Linux 2023 : php8.5, php8.5-bcmath, php8.5-cli (ALAS2023-2026-1733)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1733 advisory. uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer...

Important: php8.5

Issue Overview: uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer difference truncation to int in various places. CVE-2026-44927 In uriparser before 1.0.2, t...

Astra Linux - уязвимость в uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner...

OESA-2026-2301 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

Fedora 42 : uriparser (2026-593d463bbf)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-593d463bbf advisory. Update to uriparser-1.0.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

OESA-2026-2230 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...