OSV-2020-540

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/postgis/OSV-2020-540.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-540
Published
2020-07-01T00:00:15.605041Z
Modified
2022-04-13T03:04:39.447294Z
Summary
Heap-buffer-overflow in byte_from_wkb_state
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16591

Crash type: Heap-buffer-overflow READ 1
Crash state:
byte_from_wkb_state
lwgeom_from_wkb_state
lwcollection_from_wkb_state
References

Affected packages

OSS-Fuzz / postgis

Package

Name
postgis
Purl
pkg:generic/postgis

Affected ranges

Type
GIT
Repo
https://git.osgeo.org/gitea/postgis/postgis.git
Events
Introduced
e0b9fcce14c44a6a3be8e79a4cb3a2d13e79fc7a
Fixed
b1abe27db0869d345ac5c0240a21e322a725fff9

Affected versions

3.*

3.0.0beta1
3.0.0rc1

Ecosystem specific 

{
    "severity": "MEDIUM"
}