An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax.
blog.hartwork.org/posts/uriparser-096-with-security-fixes-released/
github.com/uriparser/uriparser/issues/122
github.com/uriparser/uriparser/pull/124
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MO6T7WA27H7K3WI2AXUAGPWBGK4HM65D/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGIJTDNEMU2V4H3JJBQVKBRHU5GBQKG2/
www.debian.org/security/2022/dsa-5063