OSV-2024-28

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/apache-poi/OSV-2024-28.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-28
Published
2024-01-21T00:12:30.613951Z
Modified
2025-12-09T14:21:34.948864Z
Summary
Security exception in java.base/java.util.Arrays.copyOf
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65930

Crash type: Security exception
Crash state:
java.base/java.util.Arrays.copyOf
java.base/java.util.ArrayList.grow
java.base/java.util.ArrayList.grow
References

Affected packages

OSS-Fuzz / apache-poi

Package

Name
apache-poi
Purl
pkg:generic/apache-poi

Affected ranges

Type
GIT
Repo
https://github.com/apache/poi.git
Events
Introduced
724fc526bf486b2a600fdbc44bc084dc40619fef

Affected versions

Other

REL_5_5_0
REL_5_5_1

Ecosystem specific 

{
    "severity": "LOW"
}

Database specific

introduced_range

"c3fd1d5731af09aeb62a48026b6437bed4f2c28f:f93306721f52243285a81d261231952077c1aac7"