OSV-2020-1347

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/curl/OSV-2020-1347.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1347

Published

2020-07-22T21:50:08.310638Z

Modified

2022-04-13T03:04:42.837836Z

Summary

Negative-size-param in fuzz_tlv_to_string

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16703

Crash type: Negative-size-param
Crash state:
fuzz_tlv_to_string
fuzz_parse_mime_tlv
fuzz_add_mime_part

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16703

Affected packages

OSS-Fuzz / curl

Package

Name: curl
Purl: pkg:generic/curl

Affected ranges

Type: GIT
Repo: https://github.com/curl/curl.git
Events: Introduced

0a5d28fa2ec872de55c8d3f3b62675f17ca9cd45

Fixed

25f962193574e35fe638764c3afb9d25d8a9768b

Ecosystem specific

{
    "introduced_range": "unknown:0a5d28fa2ec872de55c8d3f3b62675f17ca9cd45",
    "fixed_range": "0a5d28fa2ec872de55c8d3f3b62675f17ca9cd45:25f962193574e35fe638764c3afb9d25d8a9768b"
}