OSV-2024-24

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jackson-dataformats-binary/OSV-2024-24.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-24
Published
2024-01-20T00:04:01.700018Z
Modified
2024-03-13T14:21:08.789955Z
Summary
Security exception in java.base/java.util.Arrays.copyOf
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65740

Crash type: Security exception
Crash state:
java.base/java.util.Arrays.copyOf
com.fasterxml.jackson.core.util.TextBuffer.expandCurrentSegment
com.fasterxml.jackson.dataformat.cbor.CBORParser._finishShortText
References

Affected packages

OSS-Fuzz / jackson-dataformats-binary

Package

Name
jackson-dataformats-binary
Purl
pkg:generic/jackson-dataformats-binary

Affected ranges

Type
GIT
Repo
https://github.com/FasterXML/jackson-dataformats-binary
Events

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

{
    "introduced_range": "11e473ec679fbef8a2c10d47f6d3b19985bc9a52:0e2a81a78dbfa6583bee7520c2d441dbb38e2f5b",
    "fixed_range": "8d484d2573a6240596c9cc002648e27dce8287a4:1f8c5193a651853be0334968bd7bd860398a7478"
}