OSV-2018-188

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gnutls/OSV-2018-188.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-188

Published

2021-01-13T00:01:19.024161Z

Modified

2022-04-13T03:04:35.641785Z

Summary

Use-of-uninitialized-value in _decode_pkcs12_auth_safe

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10138

Crash type: Use-of-uninitialized-value
Crash state:
_decode_pkcs12_auth_safe
gnutls_pkcs12_get_bag
gnutls_pkcs12_simple_parse

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10138

Affected packages

OSS-Fuzz / gnutls

Package

Name: gnutls
Purl: pkg:generic/gnutls

Affected ranges

Type: GIT
Repo: https://gitlab.com/gnutls/gnutls.git
Events: Introduced

344b2cc8f68cdde1744198034276d0e6720b1d19

Fixed

f6b4695ccafd6945cc7affda4ab9f7b9f9ed8616

Affected versions

3.*

3.6.12

3.6.13

3.6.14

3.6.14-windows

3.6.15

3.6.16

3.7.0

Other

gnutls_3_6_10

gnutls_3_6_11

gnutls_3_6_11_1

gnutls_3_6_12

gnutls_3_6_4

gnutls_3_6_5

gnutls_3_6_6

gnutls_3_6_7

gnutls_3_6_8

gnutls_3_6_9

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "5333d20ce6f14229f6579086b57de0eeacedd4fa:90a71b2e53e9696bd4c07ff98a12d06ecd2e424d",
    "fixed_range": "d165c2a37f7d072cc88db88ec97f057a9ac6e4aa:f6b4695ccafd6945cc7affda4ab9f7b9f9ed8616"
}