ALAS2-2019-1356 --- uriparser| ID: oval:org.secpod.oval:def:1700263 | Date: (C)2019-11-11 (M)2023-12-20 |
| Class: PATCH | Family: unix |
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the #039;#039; character is mishandled in certain contexts.An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
