OSV-2020-2155

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfssl/OSV-2020-2155.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2155
Published
2020-11-15T22:33:36.192808Z
Modified
2022-04-13T03:04:35.746596Z
Summary
Heap-buffer-overflow in wolfSSH_CleanPath
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27436

Crash type: Heap-buffer-overflow READ 16
Crash state:
wolfSSH_CleanPath
ParseScpCommand
DoScpRequest
References

Affected packages

OSS-Fuzz / wolfssl

Package

Name
wolfssl
Purl
pkg:generic/wolfssl

Affected ranges

Type
GIT
Repo
https://github.com/wolfssl/wolfssl
Events
Introduced
83cdd1c314af5d6326470254b3cdbb9d85182348
Fixed
a1e083b5b13a681003e564351a55634d2f56d03a

Affected versions

v4.*

v4.6.0-stable

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "deaf3b4b40d26663191d085557fbeb8cafa420ae:881657782478cef4a1527847bb2c4cd427bd6c99",
    "fixed_range": "6e0e507dad67f62f148e8124903172de817802f9:a1e083b5b13a681003e564351a55634d2f56d03a"
}