Uriparser Project: >> Uriparser >> 0.9.6 Security Vulnerabilities
In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.
CVSS Score
2.9
EPSS Score
0.002
Published
2026-05-08
In uriparser before 1.0.2, there is pointer difference truncation to int in various places.
CVSS Score
2.9
EPSS Score
0.002
Published
2026-05-08
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
CVSS Score
5.1
EPSS Score
0.002
Published
2026-04-27
An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.
CVSS Score
8.6
EPSS Score
0.012
Published
2024-05-03
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
CVSS Score
5.9
EPSS Score
0.013
Published
2024-05-03