CVEFinder.io

CVE-2021-46141

🔶 medium
🔍 Scan for this CVE
Summary

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

CVSS Score
5.5
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2022-01-06
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 32.4% of all 317,883 vulnerabilities in our database.

#214,757
Below average severity
Severity Percentile
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE IDs (Weakness Types)
CWE-416

📦 Affected Products 10

Vendor Product Status Affected Versions
debian debian_linux Affected
v10.0
debian debian_linux Affected
v11.0
debian debian_linux Affected
v9.0
fedoraproject fedora Affected
v34
fedoraproject fedora Affected
v35
opensuse leap Affected
v15.3
opensuse backports Affected
vsle-15
uriparser_project uriparser Affected
< 0.9.6
opensuse factory Affected
v-
fedoraproject extra_packages_for_enterprise_linux Affected
v8.0

🔗 References 7

https://blog.hartwork.org/posts/uriparser-096-with-s...
Third Party Advisory
https://github.com/uriparser/uriparser/issues/121
Exploit Issue Tracking Patch Third Party Advisory
https://github.com/uriparser/uriparser/pull/124
Exploit Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01...
Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/packag...
https://lists.fedoraproject.org/archives/list/packag...
https://www.debian.org/security/2022/dsa-5063
Third Party Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-25506 ⚠️ high 7.7 0.0 MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can ... 2026-02-10
CVE-2025-62599 ⚠️ high 7.5 0.0 Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ... 2026-02-03
CVE-2025-62600 ⚠️ high 7.5 0.0 Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ... 2026-02-03
CVE-2025-62602 ⚠️ high 7.5 0.0 Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ... 2026-02-03
CVE-2025-62603 ⚠️ high 7.5 0.0 Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ... 2026-02-03
CVE-2025-62799 ⛔ critical 9.8 0.0 Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ... 2026-02-03
These CVEs affect the same products