OSV-2024-322

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/pistache/OSV-2024-322.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-322

Published

2024-04-29T05:41:35.504634Z

Modified

2024-04-29T05:41:35.505031Z

Summary

Container-overflow in strtol

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68322

Crash type: Container-overflow READ 3
Crash state:
strtol
Pistache::Http::Private::BodyStep::Chunk::parse
Pistache::Http::Private::BodyStep::parseTransferEncoding

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68322

Affected packages

OSS-Fuzz / pistache

Package

Name: pistache
Purl: pkg:generic/pistache

Affected ranges

Type: GIT
Repo: https://github.com/pistacheio/pistache
Events: Introduced

5dba79ab6856c74580c4fca2229c781e0f3ebdaa

Fixed

2d573adb8939499455d4bf7ab631d1219eac5389

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

introduced_range

"2359c2d4a79920cfac42d07b6e0ddbf68377da96:769c0c3ab7c347f2d4992abb9e1e6475b4832c25"

fixed_range

"51446160f336fb95731bb64c8902d51c1c8a1488:2d573adb8939499455d4bf7ab631d1219eac5389"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/pistache/OSV-2024-322.yaml"