OSV-2020-1022

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/picotls/OSV-2020-1022.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1022
Published
2020-07-22T21:49:40.455457Z
Modified
2022-04-13T03:04:42.386990Z
Summary
Heap-buffer-overflow in ptls_set_negotiated_protocol
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13682

Crash type: Heap-buffer-overflow READ {*}
Crash state:
ptls_set_negotiated_protocol
client_handle_encrypted_extensions
handle_handshake_record
References

Affected packages

OSS-Fuzz / picotls

Package

Name
picotls
Purl
pkg:generic/picotls

Affected ranges

Type
GIT
Repo
https://github.com/h2o/picotls
Events
Introduced
4965a3820533a979fb01da26cd4d6e1fea89e5b7
Fixed
96c5aa9dd25f1ee27548d8ad8b25a890af1504d8

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:4965a3820533a979fb01da26cd4d6e1fea89e5b7"
}