OSV-2021-1585

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/opensips/OSV-2021-1585.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1585
Published
2021-11-18T00:00:17.931643Z
Modified
2023-02-24T01:59:34.563727Z
Summary
Heap-buffer-overflow in _parse_to
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41073

Crash type: Heap-buffer-overflow READ 1
Crash state:
_parse_to
parse_to
get_hdr_field
References

Affected packages

OSS-Fuzz / opensips

Package

Name
opensips
Purl
pkg:generic/opensips

Affected ranges

Type
GIT
Repo
https://github.com/OpenSIPS/opensips
Events
Introduced
cb56694d290530ac308f44b453c18120b1c1109d
Introduced
1d4e56fc1f4f96dbb811074fbf1ac4c72b2b7167
Introduced
eab8ff654bebaa04dda7bed78266844b385f928b
Fixed
51b908f8fde0aa2eac8dbcfff319281625d6f3f2
Fixed
e3218949b324779d1f56ff0035af3b4d7ff84433
Fixed
a6c2761305f28abe0b2f0f2eee6f53e78d9a246f
Fixed
9aa1033b9598f85d88a9bdd1b12d0cb15b0ca940

Affected versions

3.*

3.1.10
3.1.11
3.1.7
3.1.8
3.1.9
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.3.0
3.3.0-beta
3.3.0-rc1
3.3.1

Ecosystem specific 

{
    "severity": "MEDIUM"
}