OSV-2018-117

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/envoy/OSV-2018-117.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-117
Published
2021-01-13T00:00:54.062431Z
Modified
2022-04-13T03:04:31.611152Z
Summary
Heap-buffer-overflow in Envoy::StringUtil::itoa
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10038

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
Envoy::StringUtil::itoa
Envoy::Http::HeaderString::setInteger
Envoy::TestOneProtoInput
References

Affected packages

OSS-Fuzz / envoy

Package

Name
envoy
Purl
pkg:generic/envoy

Affected ranges

Type
GIT
Repo
https://github.com/envoyproxy/envoy.git
Events
Introduced
78ad2ef735657ba79393ce8f3a41259c136e41ed
Fixed
f7d3cb638662f0787699b763134e1e64118d573f
Fixed
28d5f4118d60f828b1453cd8ad25033f2c8e38ab

Ecosystem specific 

{
    "severity": "HIGH",
    "introduced_range": "f1aee97b079ad4a0130583ef7cd656351dd70bd7:f4ac32bfc884e418bd8c5bc7777e45f9d9f22b34"
}

Database specific 

{
    "fixed_range": "f4ac32bfc884e418bd8c5bc7777e45f9d9f22b34:28d5f4118d60f828b1453cd8ad25033f2c8e38ab"
}