Primary

Context

uriparser Pointer Difference Truncation Vulnerability

Vulnerability

Patched

A vulnerability exists in uriparser versions prior to 1.0.2, where pointer difference is truncated to an integer in several instances. This truncation could potentially lead to incorrect memory address calculations or buffer overflows.

Impact

The truncation of pointer differences to integers can cause memory-related issues, such as incorrect address calculations or buffer overflows, which could be exploited to execute arbitrary code or cause a denial-of-service condition.

Remediation

Users can upgrade to uriparser version 1.0.2 or later to address this vulnerability.

Added: May 8, 2026, 8:22 AM

Updated: May 8, 2026, 8:22 AM

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

1.9

exploitability

4.7

remediation

7.7

relevance

7.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.2

impact

1.9

exploitability

4.7

remediation

7.7

relevance

7.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

uriparser Pointer Difference Truncation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

uriparser

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating