CVE-2025-67899

CVSS v3.1

2.9

Low

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions uriparser versions through 0.9.9

Description The software is susceptible to an issue involving unbounded recursion and stack consumption. This occurs when processing large inputs containing numerous commas, specifically when using the ParseMustBeSegmentNzNc function.

Recommendations Update to a newer version of uriparser than 0.9.9. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Uncontrolled Recursion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-674

Related Identifiers

AZL-72379

AZL-72862

CVE-2025-67899

ECHO-FAFD-C1A0-0F9D

OESA-2026-2187

OESA-2026-2188

OESA-2026-2229

OESA-2026-2230

OESA-2026-2231

OPENSUSE-SU-2026:10045-1

OPENSUSE-SU-2026:10595-1

RHSA-2026:7642

SUSE-SU-2026:0444-1

Affected Products

Debian

Uriparser

CVE-2025-67899

Weakness Enumeration

Related Identifiers

Affected Products

References · 37