OSV-2023-273

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/cyclonedds/OSV-2023-273.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-273
Published
2023-04-03T14:02:08.154670Z
Modified
2023-04-03T14:02:08.154918Z
Summary
Heap-buffer-overflow in add_complete_typeobj
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57614

Crash type: Heap-buffer-overflow READ 8
Crash state:
add_complete_typeobj
ddsi_xt_type_add_typeobj
ddsi_type_add_typeobj
References

Affected packages

OSS-Fuzz / cyclonedds

Package

Name
cyclonedds
Purl
pkg:generic/cyclonedds

Affected ranges

Type
GIT
Repo
https://github.com/eclipse-cyclonedds/cyclonedds
Events
Introduced
1ae6bb9985c05f8742cb31c0bd46f3c7bd8777bd
Fixed
708b9211ca8aeb3312b358df81d259c3d3c9fc70

Ecosystem specific 

{
    "severity": "MEDIUM"
}