OSV-2022-1180

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2022-1180.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-1180

Published

2022-11-18T13:02:18.978213Z

Modified

2022-11-18T13:02:18.978476Z

Summary

Heap-buffer-overflow in json_common_entity_data

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53468

Crash type: Heap-buffer-overflow READ 8
Crash state:
json_common_entity_data
json_objects_write
dwg_write_json

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53468

Affected packages

OSS-Fuzz / libredwg

Package

Name: libredwg
Purl: pkg:generic/libredwg

Affected ranges

Type: GIT
Repo: https://github.com/LibreDWG/libredwg
Events: Introduced

f54d6c2e90cbf4b8b6bec7cf94f8eb8a1a4a2984

Fixed

756d716867a4e862faa07ae395254b048b1322dc

Affected versions

0.*

0.12.4.4515

0.12.4.4517

0.12.4.4522

0.12.4.4527

0.12.4.4530

0.12.4.4533

0.12.4.4535

0.12.4.4542

0.12.4.4544

0.12.4.4545

0.12.4.4548

0.12.4.4550

0.12.4.4553

0.12.4.4566

0.12.4.4567

0.12.4.4572

0.12.4.4583

0.12.4.4590

0.12.4.4598

0.12.4.4601

0.12.4.4606

0.12.4.4607

0.12.4.4608

0.12.4.4613

0.12.4.4615

0.12.4.4635

0.12.4.4637

0.12.4.4641

0.12.4.4643

0.12.4.4647

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2022-1180.yaml"