OSV-2026-608

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/coturn/OSV-2026-608.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-608
Published
2026-04-22T00:04:16.715949Z
Modified
2026-04-22T00:04:16.716488Z
Summary
Stack-buffer-overflow in is_http
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504809218

Crash type: Stack-buffer-overflow READ {*}
Crash state:
is_http
stun_get_message_len_str
FuzzStunClient.c
References

Affected packages

OSS-Fuzz / coturn

Package

Name
coturn
Purl
pkg:generic/coturn

Affected ranges

Type
GIT
Repo
https://github.com/coturn/coturn
Events
Introduced
c8b3dd65133d8788cb483efb22d40465e775df54
Fixed
4ffa60d32e57d2f8b1dadc3ce122a93ff09a7a2d

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/coturn/OSV-2026-608.yaml"
introduced_range 
"4f8385e142c345cd3c4292943c9f963e7cf0ef1b:c1518d5f2a42a026d18574f3b2b233e50074e6b1"