OSV-2020-1699

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/rnp/OSV-2020-1699.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1699
Published
2020-09-04T00:00:16.840683Z
Modified
2022-04-13T03:33:34.317362Z
Summary
Heap-buffer-overflow in rnp_key_store_kbx_from_src
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25386

Crash type: Heap-buffer-overflow READ 1
Crash state:
rnp_key_store_kbx_from_src
rnp_load_keys
keyring_kbx.c
References

Affected packages

OSS-Fuzz / rnp

Package

Name
rnp
Purl
pkg:generic/rnp

Affected ranges

Type
GIT
Repo
https://github.com/rnpgp/rnp.git
Events
Introduced
29ab1870c84737b836fd6ea7ee1d7cd9d1ecfafb
Fixed
a78cdb748a715796613c59f07575737b767fcab9
Fixed
6a5fb890eb30a59f7aa46b3e915a236d4bbe4176
Introduced
0d8da3729dab8d36ba3a86116cd204aef7a725b8
Fixed
f390442dc9bc3a4cf44c35a642f6094f11075f5d

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "cfcd0dffdb42bcc2b96f4dd9485dde2796d48fcc:6a5fb890eb30a59f7aa46b3e915a236d4bbe4176"
}