OSV-2024-1330

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-1330.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1330
Published
2024-11-20T00:15:27.562125Z
Modified
2024-11-20T14:27:37.875526Z
Summary
Heap-buffer-overflow in zoom_search_again
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=379072455

Crash type: Heap-buffer-overflow READ 1
Crash state:
zoom_search_again
ndpi_detection_process_packet
ndpi_workflow_process_packet
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
0d36d9c8c2d02a8d2e93f5419925140674bbeead
Fixed
2e2f08cd87266afef888c8b539c1891b30a1cc1c
Fixed
c228502cb4d06de42a01e4c451f6b1acd750ce71

Affected versions

4.*
4.10

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"de8c326cd218867b88c25b0e6c0be9e2c909b1e9:c228502cb4d06de42a01e4c451f6b1acd750ce71"
introduced_range 
"4072cb8862507ef091c7b3e15abd67a90902379d:ae36648c6cc08a5ef170a719a4476fe16e3a0e37"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-1330.yaml"