OSV-2023-261

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/suricata/OSV-2023-261.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-261
Published
2023-04-01T13:02:00.983076Z
Modified
2024-04-23T14:18:28.255393Z
Summary
Heap-buffer-overflow in HtpRequestBodyHandleMultipart
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57578

Crash type: Heap-buffer-overflow READ 1
Crash state:
HtpRequestBodyHandleMultipart
HTPCallbackRequestBodyData
htp_hook_run_all
References

Affected packages

OSS-Fuzz / suricata

Package

Name
suricata
Purl
pkg:generic/suricata

Affected ranges

Type
GIT
Repo
https://github.com/OISF/suricata.git
Events
Introduced
578f328e06b3e03f3bdbbf852b5d121e20849b8b
Fixed
caf9940fd10f474bcbc7bf983e3849a83a8c7562

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "035863d029290c864388577e7cc9e31250f98523:caf9940fd10f474bcbc7bf983e3849a83a8c7562"
}