OSV-2021-453

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/uwebsockets/OSV-2021-453.yaml

Published

2021-02-28T00:00:19.863324Z

Modified

2022-04-13T03:04:41.024750Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31457

Crash type: UNKNOWN WRITE
Crash state:
std::__1::pair&lt;unsigned int, void*> uWS::HttpParser::fenceAndConsumePostPadded&lt;0
uWS::HttpParser::consumePostPadded
std::__1::__function::__func&lt;LLVMFuzzerTestOneInput::$_0, std::__1::allocator&lt;LL

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31457

Affected packages

OSS-Fuzz / uwebsockets

Package

Name: uwebsockets

Affected ranges

Type: GIT
Repo: https://github.com/uNetworking/uWebSockets.git
Events: Introduced

7b330e9e03102ad75b102c9bb75bba573dc70045

Fixed

1507f3f98abf6bb56cd5bb26de0776a9e2c2cf36

Fixed

4e4fd20b8ce03b30810cdb49b6237fb475c5ae05

Ecosystem specific

{
    "severity": "HIGH"
}