OSV-2022-1276

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvpn/OSV-2022-1276.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1276
Published
2023-06-15T14:01:52.594793Z
Modified
2024-07-18T14:08:37.765500Z
Summary
Stack-buffer-overflow in ntlm_phase_3
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59818

Crash type: Stack-buffer-overflow WRITE 1
Crash state:
ntlm_phase_3
establish_http_proxy_passthru
fuzz_proxy.c
References

Affected packages

OSS-Fuzz / openvpn

Package

Name
openvpn
Purl
pkg:generic/openvpn

Affected ranges

Type
GIT
Repo
https://github.com/OpenVPN/openvpn
Events
Introduced
c768ee96b49a3df459f584d6050802312815deec

Affected versions

Other

contains

v2.*

v2.6.0
v2.6.1
v2.6.10
v2.6.11
v2.6.12
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v2.6_beta1
v2.6_beta2
v2.6_branched
v2.6_rc1
v2.6_rc2

Ecosystem specific 

{
    "severity": "HIGH"
}