OSV-2020-466

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libhtp/OSV-2020-466.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-466
Published
2020-07-01T00:00:11.093231Z
Modified
2022-04-13T03:04:40.509192Z
Summary
Heap-buffer-overflow in LzmaDec_DecodeToDic
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17198

Crash type: Heap-buffer-overflow READ 1
Crash state:
LzmaDec_DecodeToDic
LzmaDec_DecodeToBuf
htp_gzip_decompressor_decompress
References

Affected packages

OSS-Fuzz / libhtp

Package

Name
libhtp
Purl
pkg:generic/libhtp

Affected ranges

Type
GIT
Repo
https://github.com/OISF/libhtp.git
Events
Introduced
3c6555078ec30e0baa4855ec69d55a22fc8d3589
Fixed
fe16fa764f7cea57be5a288ee85b27dffc460f6f

Ecosystem specific 

{
    "severity": "MEDIUM"
}