OSV-2022-577

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2022-577.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-577
Published
2022-07-13T00:01:36.106912Z
Modified
2022-07-13T00:01:36.107146Z
Summary
Heap-use-after-free in jsmn_parse
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49033

Crash type: Heap-use-after-free WRITE 4
Crash state:
jsmn_parse
flb_json_tokenise
flb_pack_json_state
References

Affected packages

OSS-Fuzz / fluent-bit

Package

Name
fluent-bit
Purl
pkg:generic/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit/
Events
Introduced
16567ddbbeee9f2b728876c6790c928176c7f4ce
Fixed
53f2e45291bb798e3bc942d039f9b1596aed50f4
Fixed
2afab38dbfe3cff32c14d0a1ce7e4935bef02729

Affected versions

v1.*
v1.9.6

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2022-577.yaml"