OSV-2020-2017

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-2017

Published

2020-10-12T00:00:07.776885Z

Modified

2022-04-13T03:39:52.717186Z

Summary

Heap-buffer-overflow in flb_msgpack_to_json

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26248

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
flb_msgpack_to_json
flb_msgpack_raw_to_json_sds
msgpack_parse_fuzzer.c

References

Affected packages

Type: GIT
Repo: https://github.com/fluent/fluent-bit/
Events: Introduced

d62166140fab2faa5307d871957dbac16bc08dc2

Fixed

979a9bb728b490659e7e6076c17f3e4cb2c5bd59

Fixed

73410b3cd81ac8972160902db7d6f666cad3a7fa

Fixed

72b62d2270edda9a0281ff8a6c3903d99e1892c9

v1.6.0

v1.6.1

v1.6.2

v1.6.3

{
    "severity": "HIGH"
}

{
    "fixed_range": "370a68585b5eb7763183c2f1e6a6d937b5e1d077:72b62d2270edda9a0281ff8a6c3903d99e1892c9"
}