OSV-2024-112

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/boost/OSV-2024-112.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-112
Published
2024-02-16T00:05:47.896843Z
Modified
2024-12-12T14:17:28.647119Z
Summary
Stack-overflow in boost::read_graphviz_detail::parser::parse_subgraph
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66719

Crash type: Stack-overflow
Crash state:
boost::read_graphviz_detail::parser::parse_subgraph
boost::read_graphviz_detail::parser::parse_endpoint_rest
boost::read_graphviz_detail::parser::parse_stmt
References

Affected packages

OSS-Fuzz / boost

Package

Name
boost
Purl
pkg:generic/boost

Affected ranges

Type
GIT
Repo
https://github.com/boostorg/boost.git
Events
Introduced
9072bfc2d969ca1e8c49651232817201e05e3eae
Introduced
206cf016ae9454ed65e9c5faf4a322f31444fb80

Affected versions

boost-1.*

boost-1.85.0
boost-1.85.0.beta1
boost-1.86.0
boost-1.86.0.beta1
boost-1.87.0
boost-1.87.0.beta1

Ecosystem specific 

{
    "severity": "LOW"
}

Database specific 

{
    "introduced_range": "0251e5fa19564439f3d654df8d4de1abdbaa72b2:9f83dd55ea67f1bab62c20d29bc5527345aafc55"
}