OSV-2025-61

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/oatpp/OSV-2025-61.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-61
Published
2025-01-27T00:00:09.905879Z
Modified
2025-01-27T00:00:09.906561Z
Summary
Heap-buffer-overflow in oatpp::json::Utils::escapeString
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391916478

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
oatpp::json::Utils::escapeString
oatpp::json::Serializer::serializeString
oatpp::json::Serializer::serializePairs
References

Affected packages

OSS-Fuzz / oatpp

Package

Name
oatpp
Purl
pkg:generic/oatpp

Affected ranges

Type
GIT
Repo
https://github.com/oatpp/oatpp.git
Events
Introduced
d48d9e34ae2849c2ed9cfbb1eaf480435578ba86
Fixed
d1b868b77ac3b1249db760d037fccbe263bac6d7

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "introduced_range": "151460d9827c680237fd73a0196e861d20f8e6bb:8451ee724a0b720075494bde2fd9d223d53bef17",
    "fixed_range": "bc1072120812d3c6816b2e2c26ac323f671ce8e8:d1b868b77ac3b1249db760d037fccbe263bac6d7"
}