OSV-2023-1152

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/checkstyle/OSV-2023-1152.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-1152

Published

2023-11-13T13:02:00.256484Z

Modified

2023-11-13T13:02:00.256878Z

Summary

Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64130

Crash type: Security exception
Crash state:
com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr
java.base/java.nio.ByteBuffer.position
java.base/sun.nio.cs.UTF_8.updatePositions

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64130

Affected packages

OSS-Fuzz / checkstyle

Package

Name: checkstyle
Purl: pkg:generic/checkstyle

Affected ranges

Type: GIT
Repo: https://github.com/checkstyle/checkstyle
Events: Introduced

94cd165da31942661301a09561e4b4ad85366c77

Fixed

11e2b4baee11523db5c15602380775e95fb437ba

Affected versions

checkstyle-10.*

checkstyle-10.12.5

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

{
    "introduced_range": "a89ddac62254f3b94a2d97231bf6a878563d74af:d52eb5d979c3552b777b9262a21e3b7acb98fd4a"
}