OSV-2020-1887

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libzmq/OSV-2020-1887.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1887
Published
2020-09-30T00:00:04.296094Z
Modified
2022-04-13T03:04:32.787196Z
Summary
Heap-buffer-overflow in zmq::tcp_read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26042

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
zmq::tcp_read
zmq::stream_engine_base_t::read
zmq::stream_engine_base_t::in_event_internal
References

Affected packages

OSS-Fuzz / libzmq

Package

Name
libzmq
Purl
pkg:generic/libzmq

Affected ranges

Type
GIT
Repo
https://github.com/zeromq/libzmq.git
Events
Introduced
b56195e995e0875afabf405826d97b1dd9817bb0
Fixed
397ac80850bf8d010fae23dd215db0ee2c677306

Affected versions

v4.*

v4.3.3

Ecosystem specific 

{
    "severity": "HIGH"
}