OSV-2018-206

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/boringssl/OSV-2018-206.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-206
Withdrawn
2024-05-08T03:26:30Z
Published
2021-01-13T00:01:24.412685Z
Modified
2024-05-08T03:26:30Z
Summary
Heap-buffer-overflow in parse_sigalgs_list
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9808

Crash type: Heap-buffer-overflow READ 1
Crash state:
parse_sigalgs_list
SSL_CTX_set1_sigalgs_list
std::__1::function<void
References

Affected packages

OSS-Fuzz / boringssl

Package

Name
boringssl
Purl
pkg:generic/boringssl

Affected ranges

Type
GIT
Repo
https://boringssl.googlesource.com/boringssl
Events
Introduced
826ce15092f45ce0ff957b1d2849d74fc7a1cb83
Fixed
ddedf6d455e33d6a0b3bc40581700f3d252029d7

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/boringssl/OSV-2018-206.yaml"