OSV-2024-469

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-469.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-469
Published
2024-05-13T00:06:08.552810Z
Modified
2024-05-13T00:06:08.553286Z
Summary
Heap-buffer-overflow in check_content_type_and_change_protocol
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68932

Crash type: Heap-buffer-overflow READ {*}
Crash state:
check_content_type_and_change_protocol
process_request
ndpi_check_http_tcp
References

Affected packages

OSS-Fuzz / ndpi

Package

Name
ndpi
Purl
pkg:generic/ndpi

Affected ranges

Type
GIT
Repo
https://github.com/ntop/nDPI.git
Events
Introduced
6bbae9a70a2b346968406d582f411447c9cbbd00
Fixed
0110623b4ed94e49f2821073146d705856ed149f

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

fixed_range

"a813121e0a7021cdbfd64630960b330a23b1a4d2:0110623b4ed94e49f2821073146d705856ed149f"

introduced_range

"d4650f0f817c8d1663284b7dd225df802104a60b:a813121e0a7021cdbfd64630960b330a23b1a4d2"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2024-469.yaml"