OSV-2023-321

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libucl/OSV-2023-321.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-321
Published
2023-04-17T14:02:19.313369Z
Modified
2023-04-22T14:12:41.755116Z
Summary
Heap-use-after-free in ucl_hash_func
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58069

Crash type: Heap-use-after-free READ 8
Crash state:
ucl_hash_func
kh_resize_ucl_hash_node
kh_put_ucl_hash_node
References

Affected packages

OSS-Fuzz / libucl

Package

Name
libucl
Purl
pkg:generic/libucl

Affected ranges

Type
GIT
Repo
https://github.com/vstakhov/libucl
Events
Introduced
3a94514709b7d0d3420f96549172059bfaac2b65
Fixed
c8374381bab04f33f0000910acdf37593e343c99

Affected versions

0.*

0.8.2

Ecosystem specific 

{
    "severity": "HIGH"
}