OSV-2022-1276

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvpn/OSV-2022-1276.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-1276

Published

2023-06-15T14:01:52.594793Z

Modified

2025-07-05T14:11:24.654963Z

Summary

Stack-buffer-overflow in ntlm_phase_3

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59818

Crash type: Stack-buffer-overflow WRITE 1
Crash state:
ntlm_phase_3
establish_http_proxy_passthru
fuzz_proxy.c

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59818

Affected packages

OSS-Fuzz / openvpn

Package

Name: openvpn
Purl: pkg:generic/openvpn

Affected ranges

Type: GIT
Repo: https://github.com/OpenVPN/openvpn
Events: Introduced

c768ee96b49a3df459f584d6050802312815deec

Fixed

c18a995d0e6752575299a750539acd5e35115846

Affected versions

v2.*

v2.6.0

v2.6.1

v2.6.10

v2.6.11

v2.6.12

v2.6.13

v2.6.14

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.6.7

v2.6.8

v2.6.9

v2.6_beta1

v2.6_beta2

v2.6_branched

v2.6_rc1

v2.6_rc2

v2.7_alpha1

v2.7_alpha2

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

fixed_range

"72d70b5d8a9d6ac01134df006a03607a79e76294:c18a995d0e6752575299a750539acd5e35115846"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvpn/OSV-2022-1276.yaml"