OSV-2020-1245

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libressl/OSV-2020-1245.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1245
Published
2020-07-22T21:49:59.889244Z
Modified
2022-04-13T03:04:38.784279Z
Summary
Heap-buffer-overflow in c2i_ASN1_INTEGER
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14142

Crash type: Heap-buffer-overflow READ 1
Crash state:
c2i_ASN1_INTEGER
asn1_ex_c2i
asn1_d2i_ex_primitive
References

Affected packages

OSS-Fuzz / libressl

Package

Name
libressl
Purl
pkg:generic/libressl

Affected ranges

Type
GIT
Repo
https://github.com/libressl-portable/portable.git
Events
Introduced
4ea2a01a0d2cc889e95316f51c7a36f8f158df44
Fixed
2f7827344a0234320c7ad8d2fc2418e9d8a586c9

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:4ea2a01a0d2cc889e95316f51c7a36f8f158df44"
}