osv-2023-46
Vulnerability from osv_ossfuzz
Published
2023-02-03 13:01
Modified
2023-02-15 22:57
Summary
Heap-buffer-overflow in json_cquote
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55607
Crash type: Heap-buffer-overflow WRITE 1
Crash state:
json_cquote
json_preR13_header_write_private
dwg_write_json
References
| URL | Type | |
|---|---|---|
{
"affected": [
{
"ecosystem_specific": {
"severity": "HIGH"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "libredwg",
"purl": "pkg:generic/libredwg"
},
"ranges": [
{
"events": [
{
"introduced": "db754b7f16ca013957db181809853f80c9f2f2df"
},
{
"fixed": "80f3c7884477e84d70f31a61fa8059992040ae9a"
}
],
"repo": "https://github.com/LibreDWG/libredwg",
"type": "GIT"
}
],
"versions": [
"0.12.5.4760",
"0.12.5.4763",
"0.12.5.4765",
"0.12.5.4772",
"0.12.5.4776",
"0.12.5.4780",
"0.12.5.4784",
"0.12.5.4787",
"0.12.5.4797",
"0.12.5.4803",
"0.12.5.4805",
"0.12.5.4815",
"0.12.5.4820",
"0.12.5.4823",
"0.12.5.4825",
"0.12.5.4831",
"0.12.5.4833",
"0.12.5.4835",
"0.12.5.4837",
"0.12.5.4838",
"0.12.5.4852",
"0.12.5.4859",
"0.12.5.4865",
"0.12.5.4873",
"0.12.5.4881",
"0.12.5.4885",
"0.12.5.4887",
"0.12.5.4890",
"0.12.5.4893",
"0.12.5.4896",
"0.12.5.4911",
"0.12.5.4913",
"0.12.5.4915",
"0.12.5.4925",
"0.12.5.4931",
"0.12.5.4934",
"0.12.5.4937",
"0.12.5.4943",
"0.12.5.4944",
"0.12.5.4945",
"0.12.5.4959",
"0.12.5.4969",
"0.12.5.4998",
"0.12.5.5001",
"0.12.5.5002",
"0.12.5.5004",
"0.12.5.5007",
"0.12.5.5010",
"0.12.5.5016",
"0.12.5.5024",
"0.12.5.5028",
"0.12.5.5030",
"0.12.5.5035",
"0.12.5.5040",
"0.12.5.5044",
"0.12.5.5046",
"0.12.5.5050",
"0.12.5.5052",
"0.12.5.5060",
"0.12.5.5061",
"0.12.5.5066",
"0.12.5.5085",
"0.12.5.5091",
"0.12.5.5092",
"0.12.5.5093",
"0.12.5.5094",
"0.12.5.5095",
"0.12.5.5097",
"0.12.5.5101",
"0.12.5.5103",
"0.12.5.5104",
"0.12.5.5111"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55607\n\n```\nCrash type: Heap-buffer-overflow WRITE 1\nCrash state:\njson_cquote\njson_preR13_header_write_private\ndwg_write_json\n```\n",
"id": "OSV-2023-46",
"modified": "2023-02-15T22:57:59.567156Z",
"published": "2023-02-03T13:01:48.067659Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55607"
}
],
"schema_version": "1.3.0",
"summary": "Heap-buffer-overflow in json_cquote"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…