OSV-2024-167

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/javaparser/OSV-2024-167.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-167

Published

2024-03-14T00:10:52.218597Z

Modified

2024-04-29T11:19:04.592001Z

Summary

Security exception in com.github.javaparser.GeneratedJavaParser.Expression

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65974

Crash type: Security exception
Crash state:
com.github.javaparser.GeneratedJavaParser.Expression
java.base/java.lang.String.startsWith
java.base/java.net.URL.isBuiltinStreamHandler

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65974

Affected packages

OSS-Fuzz / javaparser

Package

Name: javaparser
Purl: pkg:generic/javaparser

Affected ranges

Type: GIT
Repo: https://github.com/javaparser/javaparser
Events: Introduced

59585a5579910e36bc75ac266b5b1cb70ddc4770

Fixed

e27e01b56d7398821c94ecb05d6caa0a928ad7ce

Affected versions

javaparser-parent-3.*

javaparser-parent-3.24.10

javaparser-parent-3.24.4

javaparser-parent-3.24.6

javaparser-parent-3.24.7

javaparser-parent-3.24.8

javaparser-parent-3.24.9

javaparser-parent-3.25.0

javaparser-parent-3.25.1

javaparser-parent-3.25.2

javaparser-parent-3.25.3

javaparser-parent-3.25.4

javaparser-parent-3.25.5

javaparser-parent-3.25.6

javaparser-parent-3.25.7

javaparser-parent-3.25.8

javaparser-parent-3.25.9

Other

v_snapshot_56be443

v_snapshot_e2590f3

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

{
    "introduced_range": "3d1f6eb34d7ffc8eb1534e6f53964691f3608d7e:ccff30606f8665a030b509ffbde5183d7c9af552",
    "fixed_range": "feba579fc7fc75956037da5e41cd786802bce5b0:e27e01b56d7398821c94ecb05d6caa0a928ad7ce"
}