OSV-2022-776

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/c-blosc2/OSV-2022-776.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-776
Published
2022-08-24T00:00:48.440951Z
Modified
2026-03-28T14:14:07.913331Z
Summary
Heap-buffer-overflow in do_job
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50528

Crash type: Heap-buffer-overflow WRITE 4
Crash state:
do_job
blosc_compress_context
blosc2_compress
References

Affected packages

OSS-Fuzz / c-blosc2

Package

Name
c-blosc2
Purl
pkg:generic/c-blosc2

Affected ranges

Type
GIT
Repo
https://github.com/Blosc/c-blosc2.git
Events

Affected versions

v2.*
v2.10.0
v2.10.1
v2.10.2
v2.10.3
v2.10.4
v2.10.5
v2.11.0
v2.11.1
v2.11.2
v2.11.3
v2.12.0
v2.13.0
v2.13.1
v2.13.2
v2.14.0
v2.14.1
v2.14.2
v2.14.3
v2.14.4
v2.15.0
v2.15.1
v2.15.2
v2.16.0
v2.17.0
v2.17.1
v2.18.0
v2.19.0
v2.19.1
v2.20.0
v2.21.0
v2.21.1
v2.21.2
v2.21.3
v2.22.0
v2.23.0
v2.23.1
v2.3.0
v2.3.1
v2.4.0
v2.4.1
v2.4.2
v2.4.3
v2.5.0
v2.6.0
v2.6.1
v2.7.0
v2.7.1
v2.8.0
v2.9.0
v2.9.1
v2.9.2
v2.9.3
v3.*
v3.0.0.rc1

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

fixed_range
"434cd1f3d328b39b787de26e9f1d5c4390024019:4ee140a6608d5541f627c1f143e6481f2693621a"
source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/c-blosc2/OSV-2022-776.yaml"