OSV-2017-83

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2017-83

Published

2021-01-13T21:57:36.312189Z

Modified

2022-04-13T03:04:39.974250Z

Summary

Heap-buffer-overflow in idn2_lookup_u8

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2262

Crash type: Heap-buffer-overflow READ 4
Crash state:
idn2_lookup_u8
_psl_idna_toASCII
_add_punycode_if_needed

References

Affected packages

Type: GIT
Repo: https://github.com/rockdaboot/libpsl.git
Events: Introduced

666c07b36418334435077f04583c37a45a8f6722

Fixed

0cbb7089f60931870d19c9fc323fa0cccafd8907

{
    "severity": "MEDIUM",
    "fixed_range": "fa69455d0748ae3c3318a5e2b9860ac9bb80485d:0cbb7089f60931870d19c9fc323fa0cccafd8907"
}