OSV-2024-135

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2024-135.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-135
Published
2024-02-25T00:05:28.923786Z
Modified
2024-04-18T14:10:11.037617Z
Summary
Heap-buffer-overflow in BS_ReadByte
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66949

Crash type: Heap-buffer-overflow READ 1
Crash state:
BS_ReadByte
gf_bs_read_u8
dump_sei
References

Affected packages

OSS-Fuzz / gpac

Package

Name
gpac
Purl
pkg:generic/gpac

Affected ranges

Type
GIT
Repo
https://github.com/gpac/gpac
Events
Introduced
e17710641b59c09238546464768a4e9a1d5e4603
Fixed
4d7891cd8070a37010f4ff07574e89f189ed3d57

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range 
"12fc3032cdf57a3d26a591ac5e3d594f3f3c9c3a:4d7891cd8070a37010f4ff07574e89f189ed3d57"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gpac/OSV-2024-135.yaml"