Joergen Ibsen

**Name of the Vulnerable Software and Affected Versions** uriparser versions prior to 0.9.1 **Description** The issue is related to an out-of-bounds read in the URI FUNC() function within the UriParse.c component of the uriparser. This occurs when parsing an incomplete URI that contains an IPv6 address with an embedded IPv4 address. The exploitation of this issue can allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the URI FUNC() function when parsing incomplete URIs until a patch is available.