OSV-2022-760

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jackson-dataformats-text/OSV-2022-760.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-760

Published

2022-08-20T00:01:56.371630Z

Modified

2023-03-09T00:21:36.500254Z

Summary

Security exception in com.fasterxml.jackson.dataformat.toml.Parser.parseInlineTable

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50432

Crash type: Security exception
Crash state:
com.fasterxml.jackson.dataformat.toml.Parser.parseInlineTable
com.fasterxml.jackson.dataformat.toml.Parser.parseValue
com.fasterxml.jackson.dataformat.toml.Parser.parseKeyVal

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50432

Affected packages

OSS-Fuzz / jackson-dataformats-text

Package

Name: jackson-dataformats-text
Purl: pkg:generic/jackson-dataformats-text

Affected ranges

Type: GIT
Repo: https://github.com/FasterXML/jackson-dataformats-text.git
Events: Introduced

06983a968d62cd04dc73e58c7f0270aea2852e23

Fixed

1f2b0afdc65dfbb50c136481189bf3228e1b23be

Affected versions

jackson-dataformats-text-2.*

jackson-dataformats-text-2.13.4

jackson-dataformats-text-2.13.5

jackson-dataformats-text-2.14.0

jackson-dataformats-text-2.14.0-rc1

jackson-dataformats-text-2.14.0-rc2

jackson-dataformats-text-2.14.0-rc3

jackson-dataformats-text-2.14.1

jackson-dataformats-text-2.14.2

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

{
    "introduced_range": "4e26d0ecac5aa508f7307a9380b198f1f503bbc3:48f08d72a1021765f3ce131d20a0a5980f3eb431",
    "fixed_range": "7b4b0cd22596c304fa63ad529d65debfddb6689f:1f2b0afdc65dfbb50c136481189bf3228e1b23be"
}