process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
References
Information
Published : 2019-09-17 05:15
Updated : 2020-10-07 16:15
NVD link : CVE-2019-16239
Mitre link : CVE-2019-16239
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
fedoraproject
- fedora
infradead
- openconnect