An issue exists in uriparser prior to 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uriparser project uriparser |
||
debian debian linux 8.0 |