OSV-2017-79

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/curl/OSV-2017-79.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2017-79

Published

2021-01-13T21:57:35.291125Z

Modified

2022-04-13T03:04:42.850130Z

Summary

Heap-buffer-overflow in fuzz_read_callback

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4785

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
fuzz_read_callback
Curl_fillreadbuffer
readwrite_upload

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4785

Affected packages

OSS-Fuzz / curl

Package

Name: curl
Purl: pkg:generic/curl

Affected ranges

Type: GIT
Repo: https://github.com/curl/curl.git
Events: Introduced

7ee59512f875604eb468fb6f3d26e39290f781c9

Fixed

ab6eb2ec0744074004980d0f98677e52b215941f

Affected versions

Other

curl-7_57_0

curl-7_58_0

curl-7_59_0

curl-7_60_0

curl-7_61_0

curl-7_61_1

curl-7_62_0

curl-7_63_0

curl-7_64_0

curl-7_64_1

curl-7_65_0

curl-7_65_1

curl-7_65_2

curl-7_65_3

curl-7_66_0

curl-7_67_0

curl-7_68_0

curl-7_69_0

curl-7_69_1

curl-7_70_0

curl-7_71_0

curl-7_71_1

curl-7_72_0

curl-7_73_0

curl-7_74_0

tiny-curl-7_72_0

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "1cb4f5d6e8e470638759a48ba99fda230089712f:e240a546a7ac2fa7956adb664b8c40c4dee4f82b",
    "fixed_range": "b399b04902c43f479b51b142505700edcfc34271:ab6eb2ec0744074004980d0f98677e52b215941f"
}