Updated: 2025-12-18 23:33:18.733643
Description:
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | NONE | 0.0 |
| CVSS Version 3.x | LOW | 2.9 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | php | 8.0.30 | 2.9 | LOW | Not Vulnerable | 2026-01-29 20:23:51 | ||
| Alpine Linux 3.18 ELS | php | 8.2.16 | 2.9 | LOW | Needs Triage | 2026-02-11 10:04:57 | ||
| CentOS 6 ELS | php | 5.3.3 | 2.9 | LOW | Ignored | 2025-12-25 23:04:39 | This issue is a denial‑of‑service only condition in uriparser ≤0.9.9 that requires feeding the... | |
| CentOS 7 ELS | php | 5.4.16 | 2.9 | LOW | Ignored | 2025-12-24 04:23:27 | ||
| CentOS 8.4 ELS | php | 7.4.6 | 2.9 | LOW | Ignored | 2026-01-17 01:22:57 | This is a local-only, high‑complexity stack‑exhaustion in uriparser that requires an application... | |
| CentOS 8.5 ELS | php | 7.4.19 | 2.9 | LOW | Ignored | 2026-01-17 01:23:01 | This is a local-only, high‑complexity stack‑exhaustion in uriparser that requires an application... | |
| CentOS Stream 8 ELS | php | 7.2.24 | 2.9 | LOW | Ignored | 2026-01-17 01:22:56 | This is a local-only, high‑complexity stack‑exhaustion in uriparser that requires an application... | |
| CloudLinux 7 ELS | php | 5.4.16 | 2.9 | LOW | Ignored | 2025-12-24 04:23:31 | ||
| Debian 10 ELS | php | 7.3 | 2.9 | LOW | Ignored | 2025-12-25 23:04:39 | This issue is a denial‑of‑service only condition in uriparser ≤0.9.9 that requires feeding the... | |
| Oracle Linux 6 ELS | php | 5.3.3 | 2.9 | LOW | Ignored | 2025-12-25 23:04:43 | This issue is a denial‑of‑service only condition in uriparser ≤0.9.9 that requires feeding the... |