CVE-2024-34402

Published May 3rd, 2024

View on NVD ↗

CVSS v3

8.6

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

uriparser/uriparser

:hocho: Strictly RFC 3986 compliant URI parsing and handling library written in C99; moved from SourceForge to GitHub

GitHub

409