OSV-2023-1364

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2023-1364.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-1364
Published
2023-12-28T00:01:38.624999Z
Modified
2023-12-28T00:01:38.625414Z
Summary
Heap-buffer-overflow in processClientServerHello
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65362

Crash type: Heap-buffer-overflow READ 2
Crash state:
processClientServerHello
processTLSBlock
ndpi_search_tls_udp
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
cbea1b2203647e3ee819d8d1d93411e8a8f9e116
Fixed
308f71a6e80751eae09f08cdfdc996a77510e5a5

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2023-1364.yaml"