OSV-2023-436

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2023-436.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-436
Published
2023-05-29T14:00:17.226789Z
Modified
2023-05-29T14:00:17.227055Z
Summary
Heap-buffer-overflow in ndpi_check_punycode_string
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59393

Crash type: Heap-buffer-overflow READ 1
Crash state:
ndpi_check_punycode_string
ndpi_match_host_subprotocol
check_content_type_and_change_protocol
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
0223d3c4f5219910e0f7dc3c5f5b2c95df72dea7
Fixed
82fa3a098632006cc8edffb647cabee08843524a

Ecosystem specific 

{
    "severity": "MEDIUM"
}