OSV-2023-344

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/cpython3/OSV-2023-344.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-344
Published
2023-04-25T14:01:18.715805Z
Modified
2023-04-25T14:01:18.716085Z
Summary
Heap-buffer-overflow in tok_get_normal_mode
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58295

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
tok_get_normal_mode
_PyTokenizer_Get
_PyPegen_tokenize_full_source_to_check_for_errors
References

Affected packages

OSS-Fuzz / cpython3

Package

Name
cpython3
Purl
pkg:generic/cpython3

Affected ranges

Type
GIT
Repo
https://github.com/python/cpython.git
Events
Introduced
1ef61cf71a218c71860ff6aecf0fd51edb8b65dc
Fixed
5078eedc5b18f0d208af6e30f60b33419132d1b6

Ecosystem specific 

{
    "severity": "HIGH"
}