In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.

In uriparser before 1.0.2, there is pointer difference truncation to int in various places.

uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or valu

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.

An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner.

URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParseEx functions) for an incomplete URI wit

An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* functi

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQuery

An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQu