OSV-2020-2014

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2020-2014.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2014
Published
2020-10-11T00:00:12.565611Z
Modified
2022-04-13T03:04:38.285201Z
Summary
Stack-buffer-overflow in flb_sds_cat
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26237

Crash type: Stack-buffer-overflow READ {*}
Crash state:
flb_sds_cat
flb_msgpack_gelf_value
flb_msgpack_to_gelf
References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
d62166140fab2faa5307d871957dbac16bc08dc2
Fixed
8315c5029f1b8bc855a2263b1986f22d24cd1a3b
Fixed
4e7894d3fd7c03071a8079ee33595921d0133893

Affected versions

v1.*

v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6

Ecosystem specific 

{
    "severity": "MEDIUM"
}