CVE-2026-42371 PUBLISHED

Assigner: mitre
Reserved: 27.04.2026 Published: 27.04.2026 Updated: 27.04.2026

uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Score: 5.1

Product Status

Vendor uriparser
Product uriparser
Versions Default: unaffected
  • affected from 0 to 1.0.1 (excl.)

References

Problem Types

  • CWE-197 Numeric Truncation Error CWE