osv-2020-2042
Vulnerability from osv_ossfuzz
Published
2020-10-13 00:00
Modified
2022-04-13 03:28
Summary
UNKNOWN WRITE in pb_release_single_field
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22329
Crash type: UNKNOWN WRITE
Crash state:
pb_release_single_field
pb_release
pb_decode
{
"affected": [
{
"ecosystem_specific": {
"severity": "HIGH"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "firestore"
},
"ranges": [
{
"events": [
{
"introduced": "819091b289b48ac111008f0950853fd7bb54a521"
},
{
"fixed": "e81547f313af6f6733ccc25eb3c0cea8e6008578"
}
],
"repo": "https://github.com/firebase/firebase-ios-sdk.git",
"type": "GIT"
}
],
"versions": [
"6.26.0",
"7.0.0",
"7.1.0",
"7.2.0",
"7.3.0",
"7.3.1",
"7.4.0",
"7.5.0",
"7.5.1",
"7.6.0",
"7.7.0",
"7.8.0",
"7.8.1",
"7.9.0",
"7.9.1",
"ABTesting-3.3.0",
"ABTesting-4.0.0",
"ABTesting-4.1.0",
"ABTesting-4.2.0",
"AppDistribution-0.9.0",
"AppDistribution-0.9.1",
"AppDistribution-0.9.2",
"AppDistribution-0.9.3",
"Auth-6.6.0",
"Auth-6.7.0",
"Auth-6.7.1",
"Auth-6.8.0",
"Auth-6.9.0",
"Auth-6.9.1",
"Auth-6.9.2",
"CocoaPods-6.27.0",
"CocoaPods-6.27.1",
"CocoaPods-6.28.0",
"CocoaPods-6.28.1",
"CocoaPods-6.28.2",
"CocoaPods-6.29.0",
"CocoaPods-6.30.0",
"CocoaPods-6.31.0",
"CocoaPods-6.31.1",
"CocoaPods-6.32.0",
"CocoaPods-6.33.0",
"CocoaPods-6.33.0.nightly",
"CocoaPods-6.34.0",
"CocoaPods-6.34.0.nightly",
"CocoaPods-7.0.0",
"CocoaPods-7.0.0-beta",
"CocoaPods-7.0.nightly",
"CocoaPods-7.1.0",
"CocoaPods-7.1.0-beta",
"CocoaPods-7.1.nightly",
"CocoaPods-7.2.0",
"CocoaPods-7.2.0-beta",
"CocoaPods-7.2.nightly",
"CocoaPods-7.3.0",
"CocoaPods-7.3.0-beta",
"CocoaPods-7.3.1",
"CocoaPods-7.3.nightly",
"CocoaPods-7.4.0",
"CocoaPods-7.4.0-beta",
"CocoaPods-7.4.nightly",
"CocoaPods-7.5.0",
"CocoaPods-7.5.0-beta",
"CocoaPods-7.5.nightly",
"CocoaPods-7.6.0",
"CocoaPods-7.6.0-beta",
"CocoaPods-7.6.nightly",
"CocoaPods-7.7.0",
"CocoaPods-7.7.0-beta",
"CocoaPods-7.7.nightly",
"CocoaPods-7.8.0",
"CocoaPods-7.8.0-beta",
"CocoaPods-7.8.nightly",
"CocoaPods-7.9.0",
"CocoaPods-7.9.0-beta",
"CocoaPods-7.9.nightly",
"Core-6.10.0",
"Core-6.10.1",
"Core-6.10.2",
"Core-6.10.3",
"Core-6.10.4",
"Core-6.7.2",
"Core-6.8.0",
"Core-6.8.1",
"Core-6.9.0",
"Core-6.9.1",
"Core-6.9.2",
"CoreDiagnostics-1.4.0",
"CoreDiagnostics-1.5.0",
"CoreDiagnostics-1.6.0",
"CoreDiagnostics-1.7.0",
"Crashlytics-4.1.1",
"Crashlytics-4.2.0",
"Crashlytics-4.3.0",
"Crashlytics-4.3.1",
"Crashlytics-4.4.0",
"Crashlytics-4.5.0",
"Crashlytics-4.6.0",
"Crashlytics-4.6.1",
"Crashlytics-4.6.2",
"DataTransport-6.2.0",
"DataTransport-6.2.1",
"DataTransport-7.0.0",
"DataTransport-7.1.0",
"DataTransport-7.2.0",
"DataTransport-7.3.0",
"DataTransport-7.4.0",
"DataTransport-7.5.0",
"DataTransport-7.5.1",
"DataTransport-8.0.0",
"DataTransport-8.0.1",
"DataTransport-8.1.0",
"DataTransport-8.2.0",
"DataTransportCCTSupport-3.2.0",
"Database-6.3.0",
"Database-6.4.0",
"Database-6.5.0",
"Database-6.6.0",
"DynamicLinks-4.1.0",
"DynamicLinks-4.2.0",
"DynamicLinks-4.2.1",
"DynamicLinks-4.3.0",
"DynamicLinks-4.3.1",
"Firestore-1.15.0",
"Firestore-1.16.0",
"Firestore-1.16.1",
"Firestore-1.16.2",
"Firestore-1.16.3",
"Firestore-1.16.4",
"Firestore-1.17.0",
"Firestore-1.17.1",
"Firestore-1.18.0",
"Firestore-1.19.0",
"FirestoreSwift-0.4.0",
"Functions-2.6.0",
"Functions-2.7.0",
"Functions-2.8.0",
"Functions-2.9.0",
"InAppMessaging-0.20.2",
"InAppMessaging-0.21.0",
"InAppMessaging-0.22.0",
"InAppMessaging-0.23.0",
"InAppMessaging-0.24.0",
"Installations-1.3.0",
"Installations-1.4.0",
"Installations-1.5.0",
"Installations-1.6.0",
"Installations-1.7.0",
"Installations-1.7.1",
"InstanceID-4.4.0",
"InstanceID-4.5.0",
"InstanceID-4.5.1",
"InstanceID-4.6.0",
"InstanceID-4.7.0",
"InstanceID-4.8.0",
"Messaging-4.5.0",
"Messaging-4.6.0",
"Messaging-4.6.1",
"Messaging-4.6.2",
"Messaging-4.7.0",
"Messaging-4.7.1",
"Performance-3.3.2",
"RemoteConfig-4.5.0",
"RemoteConfig-4.6.0",
"RemoteConfig-4.7.0",
"RemoteConfig-4.8.0",
"RemoteConfig-4.9.0",
"RemoteConfig-4.9.1",
"Storage-3.7.0",
"Storage-3.8.0",
"Storage-3.9.0",
"Storage-3.9.1",
"Utilities-6.7.0",
"Utilities-6.7.1",
"Utilities-6.7.2",
"Utilities-7.0.0",
"Utilities-7.1.0",
"Utilities-7.1.1",
"Utilities-7.2.0"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22329\n\n```\nCrash type: UNKNOWN WRITE\nCrash state:\npb_release_single_field\npb_release\npb_decode\n```\n",
"id": "OSV-2020-2042",
"modified": "2022-04-13T03:28:13.014472Z",
"published": "2020-10-13T00:00:28.349821Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22329"
}
],
"summary": "UNKNOWN WRITE in pb_release_single_field"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…