Memory Management Vulnerability in uriparser by URIPARSER
CVE-2021-46141

5.5MEDIUM

Key Information:

Vendor

Uriparser Project

Status
Uriparser
Vendor
CVE Published:
6 January 2022

What is CVE-2021-46141?

A memory management vulnerability has been identified in the uriparser library, affecting versions prior to 0.9.6. This issue stems from improper handling of memory during the uriFreeUriMembers and uriMakeOwner functions, which can lead to invalid free operations. These vulnerabilities may result in potential security risks, including data corruption or unpredictable application behavior. Users are advised to update to the latest version to mitigate these risks.

References

https://github.com/uriparser/uriparser/issues/121
x_refsource_MISC
https://github.com/uriparser/uriparser/pull/124
x_refsource_MISC
https://blog.hartwork.org/posts/uriparser-096-with-securi...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.