OSV-2020-875

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2020-875.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-875
Published
2020-07-14T22:13:54.264021Z
Modified
2022-04-13T03:04:36.292237Z
Summary
Use-of-uninitialized-value in ndpi_strdup
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22475

Crash type: Use-of-uninitialized-value
Crash state:
ndpi_strdup
processClientServerHello
processTLSBlock
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
4ec3e6c064b56f1434bd4c887bd96d0916d07f2e
Fixed
6c366d73e27ab2097a197cd6d9870c1ca2457cc8

Affected versions

3.*
3.4

Ecosystem specific 

{
    "fixed_range": "50f4049b58b9d04a403ba7570935f887aef937db:6c366d73e27ab2097a197cd6d9870c1ca2457cc8",
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2020-875.yaml"