OSV-2022-141

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/curl/OSV-2022-141.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-141
Published
2022-02-11T00:01:56.941272Z
Modified
2022-04-13T03:04:42.872996Z
Summary
Heap-use-after-free in nghttp2_hd_deflate_hd_bufs
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44517

Crash type: Heap-use-after-free READ 3
Crash state:
nghttp2_hd_deflate_hd_bufs
nghttp2_frame_pack_headers
nghttp2_session_mem_send_internal
References

Affected packages

OSS-Fuzz / curl

Package

Name
curl
Purl
pkg:generic/curl

Affected ranges

Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
9f985a11e794fdd2e175a4ea9ceb9d922a3400cd
Fixed
2a1951519e78c1aa404ec0201b9eaeae469d757b

Ecosystem specific 

{
    "severity": "HIGH"
}