OSV-2022-139

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/curl/OSV-2022-139.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-139
Published
2022-02-11T00:01:42.562895Z
Modified
2022-04-13T03:04:42.843414Z
Summary
Heap-use-after-free in nghttp2_http_record_request_method
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44516

Crash type: Heap-use-after-free READ 4
Crash state:
nghttp2_http_record_request_method
nghttp2_session_mem_send_internal
nghttp2_session_send
References

Affected packages

OSS-Fuzz / curl

Package

Name
curl
Purl
pkg:generic/curl

Affected ranges

Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
9f985a11e794fdd2e175a4ea9ceb9d922a3400cd
Fixed
2a1951519e78c1aa404ec0201b9eaeae469d757b

Ecosystem specific 

{
    "severity": "HIGH"
}