CVE-2018-19200 — NULL Pointer Dereference in Project Uriparser

CWE-476 — NULL Pointer Dereference12 documents8 sources

Severity

7.5HIGHNVD

OSV9.8

EPSS

1.1%

top 21.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Uriparser Project Uriparser Debian Linux

Timeline

PublishedNov 12

Latest updateMay 14

Description

An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶NVDuriparser_project/uriparser< 0.9.0

▶Debianuriparser_project/uriparser< 0.9.0-1+3

▶Ubuntuuriparser_project/uriparser< 0.8.4-1+deb9u2build0.18.04.1+2

▶NVDdebian/debian_linux< 8.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-gjmj-x7m9-7jqw: An issue was discovered in uriparser before 0↗2022-05-14

▶

OSV

uriparser vulnerability↗2021-12-09

▶

OSV

uriparser vulnerabilities↗2021-12-06

▶

OSV

CVE-2018-19200: An issue was discovered in uriparser before 0↗2018-11-12

▶

CVEList

CVE-2018-19200: An issue was discovered in uriparser before 0↗2018-11-12

▶

📋Vendor Advisories

Ubuntu

uriparser vulnerability↗2021-12-09

▶

Ubuntu

uriparser vulnerabilities↗2021-12-06

▶

Red Hat

uriparser: NULL pointer dereference via uriResetUri* function↗2018-09-23

▶

Debian

CVE-2018-19200: uriparser - An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted ...↗2018

▶

💬Community

Bugzilla

CVE-2018-19198 CVE-2018-19199 CVE-2018-19200 uriparser: various flaws [fedora-all]↗2018-11-21

▶

Bugzilla

CVE-2018-19200 uriparser: NULL pointer dereference via uriResetUri* function↗2018-11-21

▶