← back
CVE-2020-15476

CVE-2020-15476

EPSS 2.1%
In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21780https://github.com/ntop/nDPI/commit/b69177be2fbe01c2442239a61832c44e40136c05https://lists.debian.org/debian-lts-announce/2020/08/msg00052.htmlhttps://lists.debian.org/debian-lts-announce/2022/08/msg00016.html