OSV-2022-1211

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2022-1211.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-1211
Published
2022-11-26T13:00:13.775523Z
Modified
2022-11-26T13:00:13.775771Z
Summary
Heap-buffer-overflow in bit_calc_CRC
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53750

Crash type: Heap-buffer-overflow READ 1
Crash state:
bit_calc_CRC
decode_preR13
dwg_decode
References

Affected packages

OSS-Fuzz / libredwg

Package

Name
libredwg
Purl
pkg:generic/libredwg

Affected ranges

Type
GIT
Repo
https://github.com/LibreDWG/libredwg
Events

Affected versions

0.*

0.12.4.4522
0.12.4.4527
0.12.4.4530
0.12.4.4533
0.12.4.4535
0.12.4.4542
0.12.4.4544
0.12.4.4545
0.12.4.4548
0.12.4.4550
0.12.4.4553
0.12.4.4566
0.12.4.4567
0.12.4.4572
0.12.4.4583
0.12.4.4590
0.12.4.4598
0.12.4.4601
0.12.4.4606
0.12.4.4607
0.12.4.4608
0.12.4.4613
0.12.4.4615
0.12.4.4635
0.12.4.4637
0.12.4.4641
0.12.4.4643
0.12.4.4647
0.12.4.4652
0.12.4.4654
0.12.4.4658
0.12.4.4660

Ecosystem specific

{
    "severity": "MEDIUM"
}