OSV-2023-415

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-415.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-415

Published

2023-05-20T14:01:02.465780Z

Modified

2023-06-11T14:15:45.072848Z

Summary

UNKNOWN READ in dxf_fixup_string

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59097

Crash type: UNKNOWN READ
Crash state:
dxf_fixup_string
dwg_dxf_LAYOUT_private
dwg_dxf_LAYOUT

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59097

Affected packages

OSS-Fuzz / libredwg

Package

Name: libredwg
Purl: pkg:generic/libredwg

Affected ranges

Type: GIT
Repo: https://github.com/LibreDWG/libredwg
Events: Introduced

a954ad92edf387d7a681f865611ea24c79228ce6

Fixed

9b7e822916a0ccd6fa961e5364f99112bed964c6

Affected versions

0.*

0.12.5.5646

0.12.5.5648

0.12.5.5654

0.12.5.5656

0.12.5.5660

0.12.5.5663

0.12.5.5666

0.12.5.5667

0.12.5.5668

0.12.5.5671

0.12.5.5688

0.12.5.5691

0.12.5.5697

0.12.5.5700

0.12.5.5708

0.12.5.5710

0.12.5.5712

0.12.5.5713

0.12.5.5716

0.12.5.5720

0.12.5.5721

0.12.5.5725

0.12.5.5731

0.12.5.5733

0.12.5.5741

0.12.5.5745

0.12.5.5746

0.12.5.5748

0.12.5.5751

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-415.yaml"