OSV-2024-1356

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libwebp/OSV-2024-1356.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1356
Published
2024-12-10T00:13:56.481718Z
Modified
2024-12-10T00:13:56.482170Z
Summary
Heap-buffer-overflow in ChunkAssignData
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=382816119

Crash type: Heap-buffer-overflow READ 1
Crash state:
ChunkAssignData
WebPMuxCreateInternal
MuxDemuxApiTest
References

Affected packages

OSS-Fuzz / libwebp

Package

Name
libwebp
Purl
pkg:generic/libwebp

Affected ranges

Type
GIT
Repo
https://chromium.googlesource.com/webm/libwebp
Events

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "fixed_range": "da0d9c7d4e15fdc2d8addc3c0a3f3f014fc24434:1b4c967fbb6184755616a31c791440e7c719b6c0"
}