OSV-2021-1809

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ujson/OSV-2021-1809.yaml

Published

2022-02-25T00:00:25.106722Z

Modified

2022-05-19T00:55:00.970552Z

Summary

Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44973

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
ujson.cpython-38-x86_64-linux-gnu.so
ujson.cpython-38-x86_64-linux-gnu.so
ujson.cpython-38-x86_64-linux-gnu.so

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44973

Affected packages

PyPI / ujson

Package

Name: ujson

Affected ranges

Type: GIT
Repo: https://github.com/ultrajson/ultrajson.git
Events: Introduced

b9275f7b001da11495040f1332f6c3adf3daa57b

Fixed

f6860f1f3d8d4e92b9be0e5815355a8976c6e75b

Fixed

550ba4d77294e61597a5259d00769c61281e0042

Affected versions

5.*

5.1.0

Ecosystem specific

{
    "severity": "HIGH"
}