Out-of-Bounds Write Vulnerability in uriparser before 0.9.0

Out-of-Bounds Write Vulnerability in uriparser before 0.9.0

CVE-2018-19198 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.

Learn more about our Web Application Penetration Testing UK.