OSV-2024-816

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/pcapplusplus/OSV-2024-816.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-816

Published

2024-08-16T00:02:36.618439Z

Modified

2024-09-04T14:18:56.239791Z

Summary

Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69006

Crash type: Use-of-uninitialized-value
Crash state:
pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString
pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toStringAndMD5
pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toMD5

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69006

Affected packages

OSS-Fuzz / pcapplusplus

Package

Name: pcapplusplus
Purl: pkg:generic/pcapplusplus

Affected ranges

Type: GIT
Repo: https://github.com/seladb/PcapPlusPlus
Events: Introduced

56668faab242e53b1282b3405eaa4bb51e474bee

Affected versions

v24.*

v24.09

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "805d75ca1f33ff33951d5082e3d3535c7a090808:4d48615c9bfb2ef0c61d50e1e1dd3e3d63a82be0"
}