OSV-2020-2239

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2020-2239.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2239
Published
2020-12-05T00:00:32.824865Z
Modified
2022-04-13T03:23:34.051218Z
Summary
Heap-buffer-overflow in flb_http_do
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28256

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
flb_http_do
http_fuzzer.c
References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
10ceb5b2ab6635a000f3eceaa267e1e34496de6b
Fixed
16f4084f36c78d1c121a78aafb7dc1db5fe699e9
Fixed
b4036d78e0963f9051bea9501437852d0bf6772e
Fixed
d5e58829f7aa930d4d2dafbe8cd9fdfb080be924

Affected versions

v1.*

v1.7.0
v1.7.0-rc1
v1.7.0-rc2
v1.7.0-rc3
v1.7.0-rc4
v1.7.0-rc5
v1.7.0-rc6
v1.7.0-rc7
v1.7.0-rc8
v1.7.0-rc9
v1.7.1

Ecosystem specific 

{
    "severity": "HIGH"
}