OSV-2021-1392

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2021-1392.yaml

Published

2021-09-28T00:01:42.602963Z

Modified

2022-04-13T03:04:41.041539Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39354

Crash type: Container-overflow READ 1
Crash state:
std::__1::__function::__func<uWS::TemplatedApp<false>&& uWS::TemplatedApp<false>
uWS::TopicTree<uWS::TopicTreeMessage>::publish
ofats::any_detail::handler_traits&lt;void, uWS::WebSocket&lt;false, true, test

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39354

Affected packages

OSS-Fuzz / uwebsockets

Package

Name: uwebsockets

Affected ranges

Type: GIT
Repo: https://github.com/uNetworking/uWebSockets.git
Events: Introduced

a924404bed081bdfa94df54c79395285ca83644c

Fixed

7a3bc47f753c192a54c11a3bfe826d1af8b92eda

Ecosystem specific

{
    "severity": "MEDIUM"
}