OSV-2023-356

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-356.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-356
Published
2023-04-30T14:03:00.823786Z
Modified
2023-08-12T14:21:32.402904Z
Summary
Heap-buffer-overflow in pdf_nextobject
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58475

Crash type: Heap-buffer-overflow READ 1
Crash state:
pdf_nextobject
find_length
pdf_extract_obj
References

Affected packages

OSS-Fuzz / clamav

Package

Name
clamav
Purl
pkg:generic/clamav

Affected ranges

Type
GIT
Repo
https://github.com/Cisco-Talos/clamav.git
Events
Introduced
ba34bc033c32a22fefe18985e186777390c2dc1c
Fixed
ba49cbfafa82f1cf10774055615e8d21014d44d0

Affected versions

clamav-1.*

clamav-1.1.0
clamav-1.2.0-rc

Ecosystem specific 

{
    "severity": "MEDIUM"
}