OSV-2022-37

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tdengine/OSV-2022-37.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-37
Published
2022-01-13T00:01:03.929984Z
Modified
2023-09-25T14:30:41.938585Z
Summary
Heap-buffer-overflow in stringProcess
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43535

Crash type: Heap-buffer-overflow READ 1
Crash state:
stringProcess
tVariantCreateExt
tVariantCreate
References

Affected packages

OSS-Fuzz / tdengine

Package

Name
tdengine
Purl
pkg:generic/tdengine

Affected ranges

Type
GIT
Repo
https://github.com/taosdata/TDengine
Events

Affected versions

ver-2.*

ver-2.5.0.0
ver-2.5.0.1
ver-2.6.0.0
ver-2.6.0.1
ver-2.6.0.10
ver-2.6.0.12
ver-2.6.0.14
ver-2.6.0.15
ver-2.6.0.16
ver-2.6.0.17
ver-2.6.0.18
ver-2.6.0.19
ver-2.6.0.21
ver-2.6.0.22
ver-2.6.0.24
ver-2.6.0.25
ver-2.6.0.27
ver-2.6.0.28
ver-2.6.0.3-kh
ver-2.6.0.30
ver-2.6.0.31
ver-2.6.0.32
ver-2.6.0.33
ver-2.6.0.34
ver-2.6.0.35
ver-2.6.0.36
ver-2.6.0.38
ver-2.6.0.39
ver-2.6.0.4
ver-2.6.0.41
ver-2.6.0.43
ver-2.6.0.44
ver-2.6.0.45
ver-2.6.0.47
ver-2.6.0.49
ver-2.6.0.51
ver-2.6.0.53
ver-2.6.0.55
ver-2.6.0.57
ver-2.6.0.59
ver-2.6.0.6
ver-2.6.0.61
ver-2.6.0.63
ver-2.6.0.65
ver-2.6.0.7
ver-2.6.0.8
ver-2.6.0.99

Ecosystem specific

{
    "severity": "MEDIUM"
}