OSV-2020-1036

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/draco/OSV-2020-1036.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1036
Published
2020-07-22T21:49:41.469982Z
Modified
2022-04-13T03:04:42.747881Z
Summary
Heap-use-after-free in void draco::Metadata::AddEntry<std::__1::vector<unsigned char, std::__1::allocat
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23344

Crash type: Heap-use-after-free READ 8
Crash state:
void draco::Metadata::AddEntry&lt;std::__1::vector&lt;unsigned char, std::__1::allocat
draco::MetadataDecoder::DecodeEntry
draco::MetadataDecoder::DecodeMetadata
References

Affected packages

OSS-Fuzz / draco

Package

Name
draco
Purl
pkg:generic/draco

Affected ranges

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "unknown:dec23f5ac6c71c2352dd6812afa799c03553fc58"
}

Database specific

{
    "fixed_range": "aef4bfbd61798ecc21d94c873b679fbdeaf92462:79601d2d060be52e673a82ed1c46f4666eb28255"
}