OSV-2021-437

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2021-437.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-437

Published

2021-02-23T00:00:23.638786Z

Modified

2022-04-13T03:04:41.003419Z

Summary

Heap-use-after-free in ofats::any_detail::handler_traits<void>::handler_base<ofats::any_detail::handler

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31209

Crash type: Heap-use-after-free WRITE 8
Crash state:
ofats::any_detail::handler_traits<void>::handler_base&lt;ofats::any_detail::handler
uWS::Loop::wakeupCb
us_internal_dispatch_ready_poll

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31209

Affected packages

OSS-Fuzz / uwebsockets

Package

Name: uwebsockets
Purl: pkg:generic/uwebsockets

Affected ranges

Type: GIT
Repo: https://github.com/uNetworking/uWebSockets.git
Events: Introduced

52927697c19547fde9609ec388b129c0b9e85fc3

Fixed

09aef610e0dbc1de7297fda3a873a6d84498d4f7

Ecosystem specific

{
    "severity": "HIGH"
}