osv-2023-135
Vulnerability from osv_ossfuzz
Published
2023-03-02 13:02
Modified
2023-05-14 14:19
Summary
Heap-buffer-overflow in json_cquote
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56473

Crash type: Heap-buffer-overflow READ 1
Crash state:
json_cquote
dwg_json_LTYPE
json_objects_write
To clipboard 

{
  "affected": [
    {
      "ecosystem_specific": {
        "severity": "MEDIUM"
      },
      "package": {
        "ecosystem": "OSS-Fuzz",
        "name": "libredwg",
        "purl": "pkg:generic/libredwg"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "428d1ed6a874d11b39a34f779140755f087fc9e2"
            },
            {
              "fixed": "9a6bd55c9d0722cb101fe85a3b22d89e4ff4fe52"
            }
          ],
          "repo": "https://github.com/LibreDWG/libredwg",
          "type": "GIT"
        }
      ],
      "versions": [
        "0.12.5.4724",
        "0.12.5.4726",
        "0.12.5.4731",
        "0.12.5.4735",
        "0.12.5.4739",
        "0.12.5.4741",
        "0.12.5.4743",
        "0.12.5.4748",
        "0.12.5.4750",
        "0.12.5.4756",
        "0.12.5.4760",
        "0.12.5.4763",
        "0.12.5.4765",
        "0.12.5.4772",
        "0.12.5.4776",
        "0.12.5.4780",
        "0.12.5.4784",
        "0.12.5.4787",
        "0.12.5.4797",
        "0.12.5.4803",
        "0.12.5.4805",
        "0.12.5.4815",
        "0.12.5.4820",
        "0.12.5.4823",
        "0.12.5.4825",
        "0.12.5.4831",
        "0.12.5.4833",
        "0.12.5.4835",
        "0.12.5.4837",
        "0.12.5.4838",
        "0.12.5.4852",
        "0.12.5.4859",
        "0.12.5.4865",
        "0.12.5.4873",
        "0.12.5.4881",
        "0.12.5.4885",
        "0.12.5.4887",
        "0.12.5.4890",
        "0.12.5.4893",
        "0.12.5.4896",
        "0.12.5.4911",
        "0.12.5.4913",
        "0.12.5.4915",
        "0.12.5.4925",
        "0.12.5.4931",
        "0.12.5.4934",
        "0.12.5.4937",
        "0.12.5.4943",
        "0.12.5.4944",
        "0.12.5.4945",
        "0.12.5.4959",
        "0.12.5.4969",
        "0.12.5.4998",
        "0.12.5.5001",
        "0.12.5.5002",
        "0.12.5.5004",
        "0.12.5.5007",
        "0.12.5.5010",
        "0.12.5.5016",
        "0.12.5.5024",
        "0.12.5.5028",
        "0.12.5.5030",
        "0.12.5.5035",
        "0.12.5.5040",
        "0.12.5.5044",
        "0.12.5.5046",
        "0.12.5.5050",
        "0.12.5.5052",
        "0.12.5.5060",
        "0.12.5.5061",
        "0.12.5.5066",
        "0.12.5.5085",
        "0.12.5.5091",
        "0.12.5.5092",
        "0.12.5.5093",
        "0.12.5.5094",
        "0.12.5.5095",
        "0.12.5.5097",
        "0.12.5.5101",
        "0.12.5.5103",
        "0.12.5.5104",
        "0.12.5.5111",
        "0.12.5.5122",
        "0.12.5.5135",
        "0.12.5.5137",
        "0.12.5.5140",
        "0.12.5.5142",
        "0.12.5.5161",
        "0.12.5.5163",
        "0.12.5.5169",
        "0.12.5.5170",
        "0.12.5.5178",
        "0.12.5.5179",
        "0.12.5.5182",
        "0.12.5.5183",
        "0.12.5.5184",
        "0.12.5.5185",
        "0.12.5.5186",
        "0.12.5.5195",
        "0.12.5.5203",
        "0.12.5.5206",
        "0.12.5.5207",
        "0.12.5.5227",
        "0.12.5.5245",
        "0.12.5.5249",
        "0.12.5.5256",
        "0.12.5.5269",
        "0.12.5.5270",
        "0.12.5.5271",
        "0.12.5.5288",
        "0.12.5.5314",
        "0.12.5.5320",
        "0.12.5.5329",
        "0.12.5.5333",
        "0.12.5.5334",
        "0.12.5.5340",
        "0.12.5.5342",
        "0.12.5.5344",
        "0.12.5.5348",
        "0.12.5.5353",
        "0.12.5.5356",
        "0.12.5.5364",
        "0.12.5.5377",
        "0.12.5.5385",
        "0.12.5.5391",
        "0.12.5.5393",
        "0.12.5.5395",
        "0.12.5.5396",
        "0.12.5.5405",
        "0.12.5.5411",
        "0.12.5.5415",
        "0.12.5.5417",
        "0.12.5.5422",
        "0.12.5.5429",
        "0.12.5.5432",
        "0.12.5.5435",
        "0.12.5.5439",
        "0.12.5.5442",
        "0.12.5.5445",
        "0.12.5.5454",
        "0.12.5.5458",
        "0.12.5.5462",
        "0.12.5.5469",
        "0.12.5.5471",
        "0.12.5.5473",
        "0.12.5.5474",
        "0.12.5.5487",
        "0.12.5.5494",
        "0.12.5.5504",
        "0.12.5.5506",
        "0.12.5.5513",
        "0.12.5.5516",
        "0.12.5.5518",
        "0.12.5.5521",
        "0.12.5.5528",
        "0.12.5.5530",
        "0.12.5.5537",
        "0.12.5.5539",
        "0.12.5.5544",
        "0.12.5.5546",
        "0.12.5.5549",
        "0.12.5.5552",
        "0.12.5.5554"
      ]
    }
  ],
  "details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56473\n\n```\nCrash type: Heap-buffer-overflow READ 1\nCrash state:\njson_cquote\ndwg_json_LTYPE\njson_objects_write\n```\n",
  "id": "OSV-2023-135",
  "modified": "2023-05-14T14:19:53.101913Z",
  "published": "2023-03-02T13:02:23.467197Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56473"
    }
  ],
  "schema_version": "1.4.0",
  "summary": "Heap-buffer-overflow in json_cquote"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.