{"id":"OSV-2022-1040","summary":"Heap-buffer-overflow in onig_node_str_cat","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52276\n\n```\nCrash type: Heap-buffer-overflow READ 3\nCrash state:\nonig_node_str_cat\nsetup_tree\nsetup_tree\n```\n","modified":"2023-01-21T00:15:48.643777Z","published":"2022-10-11T00:02:05.093425Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52276"}],"affected":[{"package":{"name":"fluent-bit","ecosystem":"OSS-Fuzz","purl":"pkg:generic/fluent-bit"},"ranges":[{"type":"GIT","repo":"https://github.com/fluent/fluent-bit/","events":[{"introduced":"e59f16b1168fca4046fff219ba9ae4e20dee6610"},{"fixed":"5ddb06fe4273bdec0171bc30877959c7bef666c2"}]}],"versions":["ci-release-test","tiger-2.0.9-dev-20230104","unstable","unstable-master","v1.9.0","v1.9.0-ci-test-1","v1.9.0-rc1","v1.9.0-rc2","v1.9.0-rc3","v1.9.0-rc4","v1.9.1","v1.9.10","v1.9.2","v1.9.3","v1.9.4","v1.9.5","v1.9.6","v1.9.7","v1.9.8","v1.9.9","v2.0.0","v2.0.0-rc1","v2.0.0-rc2","v2.0.0-rc3","v2.0.0pre","v2.0.1","v2.0.2","v2.0.3","v2.0.4","v2.0.5","v2.0.6","v2.0.7","v2.0.8","vv.2.0.7"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2022-1040.yaml"}}],"schema_version":"1.7.3"}