OSV-2020-1834

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/oniguruma/OSV-2020-1834.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1834
Published
2020-09-25T00:00:07.959427Z
Modified
2022-04-13T03:04:40.937721Z
Summary
Stack-buffer-overflow in onigenc_unicode_get_case_fold_codes_by_str
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25893

Crash type: Stack-buffer-overflow WRITE 4
Crash state:
onigenc_unicode_get_case_fold_codes_by_str
utf16be_get_case_fold_codes_by_str
unravel_case_fold_string
References

Affected packages

OSS-Fuzz / oniguruma

Package

Name
oniguruma
Purl
pkg:generic/oniguruma

Affected ranges

Ecosystem specific

{
    "severity": "HIGH",
    "introduced_range": "cdff3c762abc4c1aedfe9900b65698cd08d6959b:14f5efb82321e26502caa2df3c58aa1c2d36c801"
}

Database specific

{
    "fixed_range": "48a40c7238d989f25bbfa6339de71cf9189cb81b:e11958537b4f14ddf3eb03a0eb08142e4f35a926"
}