OSV-2022-664

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2022-664.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-664
Published
2022-08-02T00:00:39.660612Z
Modified
2022-11-25T00:14:56.081549Z
Summary
Heap-buffer-overflow in decode_preR13_section_hdr
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49675

Crash type: Heap-buffer-overflow WRITE 4
Crash state:
decode_preR13_section_hdr
decode_preR13
dwg_decode
References

Affected packages

OSS-Fuzz / libredwg

Package

Name
libredwg
Purl
pkg:generic/libredwg

Affected ranges

Type
GIT
Repo
https://github.com/LibreDWG/libredwg
Events
Introduced
580e8bbebf18579b97e2c20b032368b9079624ca
Fixed
8bdb594582853d33f6ca41a0decd7f2f40619657

Affected versions

0.*

0.12.4.4635
0.12.4.4637
0.12.4.4641
0.12.4.4643
0.12.4.4647
0.12.4.4652
0.12.4.4654

Ecosystem specific 

{
    "severity": "HIGH"
}