OSV-2024-245

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jackson-databind/OSV-2024-245.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-245
Published
2024-04-08T00:11:03.595756Z
Modified
2024-11-28T14:24:59.606753Z
Summary
Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67672

Crash type: Security exception
Crash state:
com.github.javaparser.ast.validator.TreeVisitorValidator.accept
com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel
com.github.javaparser.ast.expr.FieldAccessExpr.getMetaModel
References

Affected packages

OSS-Fuzz / jackson-databind

Package

Name
jackson-databind
Purl
pkg:generic/jackson-databind

Affected ranges

Type
GIT
Repo
https://github.com/FasterXML/jackson-databind
Events
Introduced
407f500a1ec7e7bc31282d8763cf1a47ef4f0338

Affected versions

jackson-databind-2.*

jackson-databind-2.17.1
jackson-databind-2.17.2
jackson-databind-2.17.3
jackson-databind-2.18.0
jackson-databind-2.18.0-rc1
jackson-databind-2.18.1
jackson-databind-2.18.2

Ecosystem specific 

{
    "severity": "LOW"
}

Database specific 

{
    "introduced_range": "696526db115b42f1f201dea2af406513b88f0d3f:199d3ac25081ba9064e70abe3198210314bab944"
}