OSV-2025-633

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/https://github.com/liblouis/liblouis/OSV-2025-633.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-633

Published

2025-08-15T00:16:54.142913Z

Modified

2025-08-15T00:16:54.143400Z

Summary

UNKNOWN WRITE in _lou_handlePassVariableAction

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438413376

Crash type: UNKNOWN WRITE
Crash state:
_lou_handlePassVariableAction
passDoAction
translateString

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=438413376

Affected packages

OSS-Fuzz / liblouis

Package

Name: liblouis
Purl: pkg:generic/liblouis

Affected ranges

Type: GIT
Repo: https://github.com/liblouis/liblouis
Events: Introduced

60076cfb7da6c5c3da2dc74869045fffa9ab70c7

Fixed

d8792c4599e7be1554f49dce80371cc9be8cb6f1

Affected versions

v3.*

v3.32.0

v3.33.0

v3.34.0

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "fixed_range": "f86e9fe064aed5f471cdbaa131ab35697337d926:d8792c4599e7be1554f49dce80371cc9be8cb6f1",
    "introduced_range": "d0a9f9a410d6c5a25290fdc039b9f9b336068fdc:2019676a3d34ed97c38aed2c39f17dfcceb8d413"
}