CVE-2018-19198 - OpenCVE

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Uriparser Project	Uriparser

Configuration 1 [-]

cpe:2.3:a:uriparser_project:uriparser:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2019:2280
https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog	Release Notes
https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e	Patch
https://lists.debian.org/debian-lts-announce/2018/11/msg00019.html	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-11-12T15:00:00

Updated: 2019-08-06T16:06:25

Reserved: 2018-11-12T00:00:00

Link: CVE-2018-19198

JSON object: View

NVD Information

Status : Modified

Published: 2018-11-12T15:29:00.227

Modified: 2019-08-06T17:15:33.617

Link: CVE-2018-19198

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-11-12T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-06T16:06:25", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e"}, {"name": "[debian-lts-announce] 20181120 [SECURITY] [DLA 1581-1] uriparser security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00019.html"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog"}, {"name": "RHSA-2019:2280", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:2280"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-19198", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e", "refsource": "MISC", "url": "https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e"}, {"name": "[debian-lts-announce] 20181120 [SECURITY] [DLA 1581-1] uriparser security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00019.html"}, {"name": "https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog", "refsource": "MISC", "url": "https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog"}, {"name": "RHSA-2019:2280", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2280"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-19198", "datePublished": "2018-11-12T15:00:00", "dateReserved": "2018-11-12T00:00:00", "dateUpdated": "2019-08-06T16:06:25", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:uriparser_project:uriparser:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CDFDF1E-3FB8-4A74-875F-5F4857CE03E7", "versionEndExcluding": "0.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts."}, {"lang": "es", "value": "Se ha descubierto un problema en versiones anteriores a la 0.9.0 de uriparser. UriQuery.c permite la escritura fuera de l\u00edmites mediante las funciones uriComposeQuery* o uriComposeQueryEx* debido a que el car\u00e1cter '' se gestiona de manera incorrecta en ciertos contextos."}], "id": "CVE-2018-19198", "lastModified": "2019-08-06T17:15:33.617", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-11-12T15:29:00.227", "references": [{"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:2280"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/uriparser/uriparser/commit/864f5d4c127def386dd5cc926ad96934b297f04e"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00019.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}