OSV-2022-128
See a problem?- Import Source
- https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2022-128.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/OSV-2022-128
- Published
- 2022-02-07T00:00:43.453413Z
- Modified
- 2022-07-30T00:11:15.450699Z
- Summary
- Stack-buffer-overflow in decompress_rNUMBER
- Details
-
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44432
Crash type: Stack-buffer-overflow WRITE 1 Crash state: decompressrNUMBER readrNUMBERmetadata dwg_decode
- References
Affected packages
OSS-Fuzz / libredwg
Package
- Name
- libredwg
- Purl
- pkg:generic/libredwg
Affected versions
0.*
0.12.4.4390
0.12.4.4395
0.12.4.4399
0.12.4.4400
0.12.4.4409
0.12.4.4415
0.12.4.4420
0.12.4.4423
0.12.4.4425
0.12.4.4430
0.12.4.4437
0.12.4.4442
0.12.4.4444
0.12.4.4462
0.12.4.4466
0.12.4.4467
0.12.4.4475
0.12.4.4487
0.12.4.4491
0.12.4.4492
0.12.4.4494
0.12.4.4497
0.12.4.4507
0.12.4.4515
0.12.4.4517
0.12.4.4522
0.12.4.4527
0.12.4.4530
0.12.4.4533
0.12.4.4535
0.12.4.4542
0.12.4.4544
0.12.4.4545
0.12.4.4548
0.12.4.4550
0.12.4.4553
0.12.4.4566
0.12.4.4567
0.12.4.4572
0.12.4.4583
0.12.4.4590
0.12.4.4598
0.12.4.4601
0.12.4.4606
0.12.4.4607
0.12.4.4608
0.12.4.4613
0.12.4.4615
0.12.5