### [CVE-2021-36159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36159)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\0' terminator one byte too late.

### POC

#### Reference
- https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10749

#### Github
- https://github.com/0xDeCA10B/attackfinder
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Frannc0/test2
- https://github.com/NeXTLinux/griffon
- https://github.com/SilveiraLeonardo/experimenting_mkdown
- https://github.com/VAN-ALLY/Anchore
- https://github.com/anchore/grype
- https://github.com/aymankhder/scanner-for-container
- https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc
- https://github.com/khulnasoft-labs/griffon
- https://github.com/metapull/attackfinder
- https://github.com/mmartins000/sinker
- https://github.com/mvbalamca/image-vulnerability-checker-lib
- https://github.com/n0-traces/cve_monitor
- https://github.com/step-security-bot/griffon
- https://github.com/tamboliv10/GitCode-Vulnerability-Scanner-OSS---Security-
- https://github.com/thecyberbaby/Trivy-by-AquaSecurity
- https://github.com/thecyberbaby/Trivy-by-aquaSecurity
- https://github.com/vissu99/grype-0.70.0