OSV-2020-1655

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libzmq/OSV-2020-1655.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1655
Published
2020-08-24T00:01:20.386536Z
Modified
2022-04-13T03:04:32.792589Z
Summary
Heap-buffer-overflow in zmq_z85_decode
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25167

Crash type: Heap-buffer-overflow READ {*}
Crash state:
zmq_z85_decode
zmq::options_t::set_curve_key
zmq::options_t::setsockopt
References

Affected packages

OSS-Fuzz / libzmq

Package

Name
libzmq
Purl
pkg:generic/libzmq

Affected ranges

Type
GIT
Repo
https://github.com/zeromq/libzmq.git
Events
Introduced
5b0956c38198652c3ab41d325e93cd89a076635f
Fixed
9fe56b175dff42baaa55963117dac70e5a270272
Fixed
97f82741293c67cc0ba9c343456e9ea0dde00055

Ecosystem specific 

{
    "severity": "MEDIUM",
    "fixed_range": "8cc56d9f0f2f36fad30d7b48775fffc1715ad02a:9fe56b175dff42baaa55963117dac70e5a270272"
}