OSV-2025-480

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/glaze/OSV-2025-480.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-480

Published

2025-06-20T00:14:17.007847Z

Modified

2025-06-20T00:14:17.008310Z

Summary

Stack-buffer-overflow in void glz::from<10000u, std::__1::__bit_reference<std::__1::vector<bool, std::__1

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=425725152

Crash type: Stack-buffer-overflow READ 1
Crash state:
void glz::from<10000u, std::__1::__bit_reference<std::__1::vector<bool, std::__1
void glz::from<10000u, std::__1::vector<bool, std::__1::allocator<bool>>>::op<gl
void glz::visit<4ul, void glz::from<10000u, my_struct>::op<glz::opts_csv{10000u,

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=425725152

Affected packages

OSS-Fuzz / glaze

Package

Name: glaze
Purl: pkg:generic/glaze

Affected ranges

Type: GIT
Repo: https://github.com/stephenberry/glaze
Events: Introduced

2b4f24f598fa7b81d81e82dd74e48bd2f553c895

Fixed

e9c2c37a9f9dc45302f8a2f0b1aa64c0a3a839ce

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

fixed_range

"d4d6ee98081a6f16198eaed8a967867a1da8dd97:e9c2c37a9f9dc45302f8a2f0b1aa64c0a3a839ce"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/glaze/OSV-2025-480.yaml"

introduced_range

"17d81a64b4f8c6824ff119f82cce8419b35791f4:d4d6ee98081a6f16198eaed8a967867a1da8dd97"