{"id":"OSV-2021-39","summary":"Heap-buffer-overflow in dotnet_parse_tilde_2","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29419\n\n```\nCrash type: Heap-buffer-overflow READ 2\nCrash state:\ndotnet_parse_tilde_2\ndotnet_parse_tilde\ndotnet_parse_com\n```\n","modified":"2022-04-13T03:04:42.276480Z","published":"2021-01-10T00:01:34.995212Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29419"}],"affected":[{"package":{"name":"yara","ecosystem":"OSS-Fuzz","purl":"pkg:generic/yara"},"ranges":[{"type":"GIT","repo":"https://github.com/VirusTotal/yara.git","events":[{"introduced":"aa182b4f928e54189fe51606d4dc419e7b27022f"},{"fixed":"4782d10257693a30bf84b4b33159d02594ece005"},{"fixed":"58d01e86fe0edc15e35d5f367f28e8e6c2df89ba"}]}],"versions":["v3.10.0","v3.10.0-rc1","v3.11.0","v3.9.0","v4.0.0","v4.0.0-rc1","v4.0.0-rc2","v4.0.0-rc3","v4.0.1","v4.0.2","v4.0.3","v4.0.4","v4.0.5"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/yara/OSV-2021-39.yaml","fixed_range":"09116e8b7977b718f363f76214ea6cc158420da9:58d01e86fe0edc15e35d5f367f28e8e6c2df89ba"}}],"schema_version":"1.7.3"}