osv-2023-314
Vulnerability from osv_ossfuzz
Published
2023-04-14 14:02
Modified
2023-05-14 14:15
Summary
Heap-buffer-overflow in dwg_encode
Details
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57969
Crash type: Heap-buffer-overflow READ 8 (an out-of-bounds read of 8 bytes from heap memory)
Crash state:
dwg_encode
llvmfuzz.c
{
"affected": [
{
"ecosystem_specific": {
"severity": "MEDIUM"
},
"package": {
"ecosystem": "OSS-Fuzz",
"name": "libredwg",
"purl": "pkg:generic/libredwg"
},
"ranges": [
{
"events": [
{
"introduced": "919f9faa30942269ba453ae563a0d376b290d861"
},
{
"fixed": "9a6bd55c9d0722cb101fe85a3b22d89e4ff4fe52"
}
],
"repo": "https://github.com/LibreDWG/libredwg",
"type": "GIT"
}
],
"versions": [
"0.12.5.5103",
"0.12.5.5104",
"0.12.5.5111",
"0.12.5.5122",
"0.12.5.5135",
"0.12.5.5137",
"0.12.5.5140",
"0.12.5.5142",
"0.12.5.5161",
"0.12.5.5163",
"0.12.5.5169",
"0.12.5.5170",
"0.12.5.5178",
"0.12.5.5179",
"0.12.5.5182",
"0.12.5.5183",
"0.12.5.5184",
"0.12.5.5185",
"0.12.5.5186",
"0.12.5.5195",
"0.12.5.5203",
"0.12.5.5206",
"0.12.5.5207",
"0.12.5.5227",
"0.12.5.5245",
"0.12.5.5249",
"0.12.5.5256",
"0.12.5.5269",
"0.12.5.5270",
"0.12.5.5271",
"0.12.5.5288",
"0.12.5.5314",
"0.12.5.5320",
"0.12.5.5329",
"0.12.5.5333",
"0.12.5.5334",
"0.12.5.5340",
"0.12.5.5342",
"0.12.5.5344",
"0.12.5.5348",
"0.12.5.5353",
"0.12.5.5356",
"0.12.5.5364",
"0.12.5.5377",
"0.12.5.5385",
"0.12.5.5391",
"0.12.5.5393",
"0.12.5.5395",
"0.12.5.5396",
"0.12.5.5405",
"0.12.5.5411",
"0.12.5.5415",
"0.12.5.5417",
"0.12.5.5422",
"0.12.5.5429",
"0.12.5.5432",
"0.12.5.5435",
"0.12.5.5439",
"0.12.5.5442",
"0.12.5.5445",
"0.12.5.5454",
"0.12.5.5458",
"0.12.5.5462",
"0.12.5.5469",
"0.12.5.5471",
"0.12.5.5473",
"0.12.5.5474",
"0.12.5.5487",
"0.12.5.5494",
"0.12.5.5504",
"0.12.5.5506",
"0.12.5.5513",
"0.12.5.5516",
"0.12.5.5518",
"0.12.5.5521",
"0.12.5.5528",
"0.12.5.5530",
"0.12.5.5537",
"0.12.5.5539",
"0.12.5.5544",
"0.12.5.5546",
"0.12.5.5549",
"0.12.5.5552",
"0.12.5.5554"
]
}
],
"details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57969\n\n```\nCrash type: Heap-buffer-overflow READ 8\nCrash state:\ndwg_encode\nllvmfuzz.c\n```\n",
"id": "OSV-2023-314",
"modified": "2023-05-14T14:15:16.434655Z",
"published": "2023-04-14T14:02:37.021991Z",
"references": [
{
"type": "REPORT",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57969"
}
],
"schema_version": "1.4.0",
"summary": "Heap-buffer-overflow in dwg_encode"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.