OSV-2020-2075

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2020-2075.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2075
Published
2020-10-16T00:00:35.685490Z
Modified
2022-04-13T03:04:38.344561Z
Summary
Heap-use-after-free in flb_parser_decoder_list_destroy
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26345

Crash type: Heap-use-after-free READ 8
Crash state:
flb_parser_decoder_list_destroy
parser_fuzzer.c
flb_free
References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
d95ea655478ab9b0e97312ad80ac1da591ce7aaa
Fixed
61164218298f9dbee5bac6648b5b4f5e97759bba
Introduced
aea2b787028482a159de615fe9a891deb19cb8dc

Affected versions

v1.*

v1.6.1
v1.6.10
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.6.9

Ecosystem specific 

{
    "severity": "HIGH"
}