OSV-2018-153

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openssl/OSV-2018-153.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-153
Published
2021-01-13T00:01:05.757240Z
Modified
2022-04-13T03:04:38.752978Z
Summary
Heap-buffer-overflow in asn1_ex_i2c
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7696

Crash type: Heap-buffer-overflow READ 4
Crash state:
asn1_ex_i2c
asn1_i2d_ex_primitive
ASN1_item_ex_i2d
References

Affected packages

OSS-Fuzz / openssl

Package

Name
openssl
Purl
pkg:generic/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl.git
Events
Introduced
902f7d5c87d66a78d3eb10709c6cb3486a216b48
Fixed
0df65d82dbc41e8da00adb243de5918db532c8a6

Affected versions

Other

OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7

Ecosystem specific 

{
    "severity": "MEDIUM",
    "fixed_range": "a21180b70f6372fee836557df187d72f7a91b686:0df65d82dbc41e8da00adb243de5918db532c8a6"
}