{"id":"OSV-2021-855","summary":"Heap-buffer-overflow in mk_rconf_read","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35185\n\n```\nCrash type: Heap-buffer-overflow READ 1\nCrash state:\nmk_rconf_read\nmk_rconf_open\nflb_parser_conf_file\n```\n","modified":"2023-04-20T22:43:29.858337Z","published":"2021-06-14T00:00:18.084172Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35185"}],"affected":[{"package":{"name":"fluent-bit","ecosystem":"OSS-Fuzz","purl":"pkg:generic/fluent-bit"},"ranges":[{"type":"GIT","repo":"https://github.com/fluent/fluent-bit/","events":[{"introduced":"8f653c34c0dd46c39e2a5ebf9ff3fe9ec932fc4f"},{"introduced":"ed82460da17f5a029df74503d3a5f8f69d29d3ea"},{"fixed":"1c3811ba12bf924a96c916e2409a0d41c336debf"}]}],"versions":["1.8.9-dev-6b56f51","20220215","tiger-1.8.15-20221123","tiger-1.8.15-20221220","tiger-1.8.15-20230223","unstable-1.8","unstable-leonardo-cio-log-poc","v1.8.0","v1.8.0-rc1","v1.8.1","v1.8.10","v1.8.11","v1.8.12","v1.8.13","v1.8.14","v1.8.15","v1.8.2","v1.8.3","v1.8.4","v1.8.5","v1.8.6","v1.8.7","v1.8.8","v1.8.9","v1.8.9-dev-6b56f51","tiger-1.8.15-20230329"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2021-855.yaml"}}],"schema_version":"1.7.3"}