OSV-2021-258

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2021-258.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-258
Published
2021-02-01T00:00:12.032478Z
Modified
2022-04-13T03:04:32.279738Z
Summary
Heap-buffer-overflow in unstripe
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30087

Crash type: Heap-buffer-overflow READ 1
Crash state:
unstripe
arith_uncompress_to
arith_decode
References

Affected packages

OSS-Fuzz / htslib

Package

Name
htslib
Purl
pkg:generic/htslib

Affected ranges

Type
GIT
Repo
https://github.com/samtools/htslib.git
Events
Introduced
0d1971cbebb269d90a563464e4f56987290e20ab
Fixed
6568f13bf7b36f280a8f0e4777fe05c85a9dcf06
Fixed
2d1e9549f45881a014a387dd2c3287508a863ff9

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "53d7277ad2feb71e2e65f6c71107d854e89c7440:2d1e9549f45881a014a387dd2c3287508a863ff9"
}