OSV-2020-473

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/envoy/OSV-2020-473.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-473
Published
2020-07-01T00:00:11.677829Z
Modified
2022-04-13T03:31:47.875856Z
Summary
Heap-use-after-free in Envoy::Server::InitManagerImpl::initializeTarget
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13221

Crash type: Heap-use-after-free READ 8
Crash state:
Envoy::Server::InitManagerImpl::initializeTarget
Envoy::Server::InitManagerImpl::initialize
Envoy::Server::ValidationInstance::initialize
References

Affected packages

OSS-Fuzz / envoy

Package

Name
envoy
Purl
pkg:generic/envoy

Affected ranges

Type
GIT
Repo
https://github.com/envoyproxy/envoy.git
Events
Introduced
e96425aabcce10ab2030de66f69cbb20a867322f
Fixed
fd79055373e0b127b3d32a062ac93b6bc891fb77
Fixed
330d03c58910d6ebe97a696fe0d2e70b3d7519ed

Affected versions

v1.*

v1.9.0

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "4fae56e36d6d640c12d9c6bf60d798d54923e0d2:330d03c58910d6ebe97a696fe0d2e70b3d7519ed"
}