OSV-2022-1065

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/curl/OSV-2022-1065.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1065
Published
2022-10-20T00:02:08.349463Z
Modified
2022-10-20T00:02:08.349709Z
Summary
Stack-buffer-overflow in Curl_output_aws_sigv4
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52517

Crash type: Stack-buffer-overflow WRITE {*}
Crash state:
Curl_output_aws_sigv4
output_auth_headers
Curl_http_output_auth
References

Affected packages

OSS-Fuzz / curl

Package

Name
curl
Purl
pkg:generic/curl

Affected ranges

Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
29c4aa00a16872514eb2e2c639576a382ffb66d3
Fixed
57ba1dd51975c95628cc3936ab086f80cba4c2d0
Fixed
a3063fe0147e00381d149e1d3a3c57c63343e7fc

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "0bb2f64905d52a902767fea39bfa0f426a87a53f:a3063fe0147e00381d149e1d3a3c57c63343e7fc"
}