OSV-2024-1031

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/trafficserver/OSV-2024-1031.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1031
Published
2024-08-18T00:04:05.967914Z
Modified
2024-08-18T00:04:05.968286Z
Summary
Use-of-uninitialized-value in Http3FrameFactory::create
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537939

Crash type: Use-of-uninitialized-value
Crash state:
Http3FrameFactory::create
Http3FrameFactory::fast_create
fuzz_http3frame.cc
References

Affected packages

OSS-Fuzz / trafficserver

Package

Name
trafficserver
Purl
pkg:generic/trafficserver

Affected ranges

Type
GIT
Repo
https://github.com/apache/trafficserver.git
Events
Introduced
4fcbbbfbe7a43a621aac02010572e7a5323c55e2
Fixed
4d4086ab481d3d0f37ca1bf09d87e9b6063d6a45

Affected versions

10.*
10.1.0
10.1.0-rc0
10.1.0-rc1
10.1.1
10.1.1-rc0
10.1.1-rc1
10.1.2
10.1.2-rc0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/trafficserver/OSV-2024-1031.yaml"
introduced_range 
"8a2ec699b6f784a6843dee15990a024bb660336a:204ddea04c9e5b388059004671b9c4c6c3110a48"