OSV-2021-812

Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kryo/OSV-2021-812.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-812
Published
2021-05-29T00:01:09.011604Z
Modified
2022-04-13T03:04:36.375090Z
Summary
Uncaught exception in com.esotericsoftware.kryo.serializers.FieldSerializer.read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34733

Crash type: Uncaught exception
Crash state:
com.esotericsoftware.kryo.serializers.FieldSerializer.read
com.esotericsoftware.kryo.Kryo.readObject
DeserializeStringFuzzer.fuzzerTestOneInput
References

Affected packages

OSS-Fuzz / kryo

Package

Name
kryo
Purl
pkg:generic/kryo

Affected ranges

Type
GIT
Repo
https://github.com/EsotericSoftware/kryo
Events

Affected versions

kryo-parent-5.*

kryo-parent-5.2.0

Ecosystem specific

{
    "severity": "LOW",
    "introduced_range": "8ba63454705509b99049ee0292348c52e3f34fa1:1d72a60844fdd75250f09f74fd493485092026fe"
}

Database specific

{
    "fixed_range": "a2dfa5c8c2ea6f6fbb264199ef7e2ab972424190:b75ae5e0ac3842b9761bcf18671c99960230eb74"
}