OSV-2023-885

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-885

Published

2023-09-20T14:02:30.557328Z

Modified

2023-09-20T14:02:30.557630Z

Summary

UNKNOWN READ in bytes1_char_at

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62508

Crash type: UNKNOWN READ
Crash state:
bytes1_char_at
ascii_at_line_end
try_match

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62508

Affected packages

PyPI / mrab-regex

Package

Name: mrab-regex; View open source insights on deps.dev
Purl: pkg:pypi/mrab-regex

Affected ranges

Type: GIT
Repo: https://github.com/mrabarnett/mrab-regex
Events: Introduced

1e6986b92f978087eb34ca79732d3b0c45be8652

Fixed

cdcbf36aebb0e5d54072bd96a6fe4932f1fd6ae0

Affected versions

2021.*

2021.11.10

2022.*

2022.1.18

2022.3.2

2022.3.15

2022.4.24

2022.6.2

2022.7.9

2022.7.24

2022.7.25

2022.8.17

2022.9.11

2022.9.13

2022.10.31

2023.*

2023.03.22

2023.3.22

2023.3.23

2023.5.2

2023.5.3

2023.5.4

2023.5.5

2023.6.3

2023.8.8

2023.10.3

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mrab-regex/OSV-2023-885.yaml"