OSV-2023-522

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jdom/OSV-2023-522.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-522

Published

2023-06-29T14:01:00.082855Z

Modified

2023-06-29T14:01:00.083088Z

Summary

Security exception in com.code_intelligence.jazzer.sanitizers.ServerSideRequestForgery.checkSsrf

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60156

Crash type: Security exception
Crash state:
com.code_intelligence.jazzer.sanitizers.ServerSideRequestForgery.checkSsrf
com.code_intelligence.jazzer.sanitizers.ServerSideRequestForgery.checkSsrfSocket
java.base/java.net.Socket.connect

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60156

Affected packages

OSS-Fuzz / jdom

Package

Name: jdom
Purl: pkg:generic/jdom

Affected ranges

Type: GIT
Repo: https://github.com/hunterhacker/jdom.git
Events: Introduced

c6065f684bdff5cebf5f23b2859c5e4c89fd89db

Fixed

c6065f684bdff5cebf5f23b2859c5e4c89fd89db

Affected versions

JDOM-2.*

JDOM-2.0.6.1

Ecosystem specific

{
    "severity": "MEDIUM"
}