OSV-2021-556

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jackson-core/OSV-2021-556.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2021-556

Published

2021-03-25T00:01:02.373925Z

Modified

2022-04-13T03:04:31.796152Z

Summary

Uncaught exception in java.base/java.util.Arrays.copyOf

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32423

Crash type: Uncaught exception
Crash state:
java.base/java.util.Arrays.copyOf
com.fasterxml.jackson.core.util.TextBuffer.expandCurrentSegment
com.fasterxml.jackson.core.json.UTF8StreamJsonParser.addName

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32423

Affected packages

OSS-Fuzz / jackson-core

Package

Name: jackson-core
Purl: pkg:generic/jackson-core

Affected ranges

Type: GIT
Repo: https://github.com/FasterXML/jackson-core
Events: Introduced

2bd85ebcdd94233d9e59a0833f29e06ce4281f3b

Fixed

0deae137735e1c81159e83bd1b4613e6d6b36501

Ecosystem specific

{
    "severity": "LOW",
    "introduced_range": "b051c9036ee505a7e85c81a704e2e43c5397200f:8a2036e948ee849b922121c061c002cb0e131bfa",
    "fixed_range": "8a2036e948ee849b922121c061c002cb0e131bfa:0deae137735e1c81159e83bd1b4613e6d6b36501"
}