OSV-2024-245

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jackson-databind/OSV-2024-245.yaml

Published

2024-04-08T00:11:03.595756Z

Modified

2024-04-08T00:11:03.596136Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67672

Crash type: Security exception
Crash state:
com.github.javaparser.ast.validator.TreeVisitorValidator.accept
com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel
com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67672

Affected packages

OSS-Fuzz / jackson-databind

Package

Name: jackson-databind

Affected ranges

Type: GIT
Repo: https://github.com/FasterXML/jackson-databind
Events: Introduced

407f500a1ec7e7bc31282d8763cf1a47ef4f0338

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

{
    "introduced_range": "696526db115b42f1f201dea2af406513b88f0d3f:199d3ac25081ba9064e70abe3198210314bab944"
}