OSV-2018-457

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wget/OSV-2018-457.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-457
Published
2021-01-15T00:01:25.715652Z
Modified
2022-04-13T03:04:42.412834Z
Summary
Heap-buffer-overflow in xstrndup
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8033

Crash type: Heap-buffer-overflow READ 11
Crash state:
xstrndup
get_urls_css
wget_css_fuzzer.c
References

Affected packages

OSS-Fuzz / wget

Package

Name
wget
Purl
pkg:generic/wget

Affected ranges

Type
GIT
Repo
https://git.savannah.gnu.org/git/wget.git
Events
Introduced
f56f970bc2b0df1d26ebd6a0a86083b37017cd70
Fixed
78838d761f9699a6f17107a522c13cb200ae50c5
Fixed
3636b2a5af1314b82bd2e1a4fefe5aa4a47553d7

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "f56f970bc2b0df1d26ebd6a0a86083b37017cd70:3636b2a5af1314b82bd2e1a4fefe5aa4a47553d7"
}