OSV-2020-1294

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2020-1294.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1294
Published
2020-07-22T21:50:03.900037Z
Modified
2022-04-13T03:04:36.275838Z
Summary
Heap-buffer-overflow in SHA1Update
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18740

Crash type: Heap-buffer-overflow READ {*}
Crash state:
SHA1Update
getSSCertificateFingerprint
tlsDetectProtocolFromCertificate
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
e695dd6eade754b2d50bdf297ca8bdc4105f93ff
Fixed
ab9ccf9eb9a6571d84bd0b2c8e185565d0d700f6

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:e695dd6eade754b2d50bdf297ca8bdc4105f93ff"
}