OSV-2024-293

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-293.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-293
Published
2024-04-24T00:02:46.009671Z
Modified
2024-04-24T00:02:46.010298Z
Summary
Stack-buffer-overflow in shoco_decompress
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68211

Crash type: Stack-buffer-overflow READ 1
Crash state:
shoco_decompress
fuzz_alg_shoco.cpp
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
ef891834699db2b0ed16e32fc2d352e8a8419945
Fixed
a62679952c4fe51fead86f38c76eee8fbdd1f694

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-293.yaml"
introduced_range 
"905120588bf2a1bb56b280d9accd89e7265b8364:246e972f9c1bf2780c348ae43030119ad417c153"
fixed_range 
"f494bdd653fcac1bd428bbf39eafd138f6f53d2a:a62679952c4fe51fead86f38c76eee8fbdd1f694"