OSV-2025-93

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-93

Published

2025-02-05T00:18:14.584575Z

Modified

2025-02-05T00:18:14.584998Z

Summary

Heap-buffer-overflow in lj_strfmt_pushvf

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=394126186

Crash type: Heap-buffer-overflow WRITE 8
Crash state:
lj_strfmt_pushvf
err_msgv
lj_err_msg

References

Affected packages

3.4.0

3.4.1-entrypoint

3.5.0-entrypoint

{
    "severity": "HIGH"
}

{
    "introduced_range": "f40901fbc98e46e0f4c276cbb51ffaf1abbbfebb:43aa0bf45ef18f76b312fabf3d3842d81a970bae"
}