OSV-2023-837

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-837

Published

2023-09-12T14:00:46.512961Z

Modified

2023-09-12T14:00:46.513217Z

Summary

Heap-buffer-overflow in uint7_get_64

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62270

Crash type: Heap-buffer-overflow READ 1
Crash state:
uint7_get_64
cram_huffman_decode_init
cram_decoder_init

References

Affected packages

Type: GIT
Repo: https://github.com/samtools/htslib.git
Events: Introduced

9c7e845e25cdb899cd833e96a46ef7d6dd8fb6be

Fixed

28a980bba6f731f901906f57e5c1ee19f4155849

{
    "severity": "MEDIUM"
}