OSV-2021-1387

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2021-1387.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-1387

Published

2021-09-28T00:00:13.656995Z

Modified

2022-04-13T03:04:40.992316Z

Summary

Container-overflow in std::__1::__function::__func<LLVMFuzzerTestOneInput::$_0, std::__1::allocator<LL

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39335

Crash type: Container-overflow READ 1
Crash state:
std::__1::__function::__func&lt;LLVMFuzzerTestOneInput::$_0, std::__1::allocator&lt;LL
uWS::TopicTree&lt;std::__1::basic_string&lt;char, std::__1::char_traits<char>, std::__
std::__1::__function::__func&lt;LLVMFuzzerTestOneInput::$_1, std::__1::allocator&lt;LL

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39335

Affected packages

OSS-Fuzz / uwebsockets

Package

Name: uwebsockets
Purl: pkg:generic/uwebsockets

Affected ranges

Type: GIT
Repo: https://github.com/uNetworking/uWebSockets.git
Events: Introduced

42438749674b17b5be7e9eaf6bddd0d6823e2091

Fixed

7a3bc47f753c192a54c11a3bfe826d1af8b92eda

Affected versions

v20.*

v20.0.0

v20.1.0

Ecosystem specific

{
    "severity": "MEDIUM"
}