{"id":"OSV-2022-1141","summary":"Heap-buffer-overflow in LibRaw::phase_one_correct","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53039\n\n```\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nLibRaw::phase_one_correct\nLibRaw::raw2image_ex\nLibRaw::dcraw_process\n```\n","modified":"2025-02-08T14:21:03.512078Z","published":"2022-11-06T00:00:12.813664Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53039"}],"affected":[{"package":{"name":"kimageformats","ecosystem":"OSS-Fuzz","purl":"pkg:generic/kimageformats"},"ranges":[{"type":"GIT","repo":"https://invent.kde.org/frameworks/kimageformats.git","events":[{"introduced":"d881a7bbb1562af383bbb6ca20340ad739fb0d13"},{"fixed":"7a74b50d64e318ef65e070963dcec094cd6f2596"}]}],"versions":["v5.100.0-rc1","v5.101.0","v5.101.0-rc1","v5.102.0","v5.102.0-rc1","v5.103.0","v5.103.0-rc1","v5.104.0","v5.104.0-rc1","v5.105.0","v5.105.0-rc1","v5.106.0","v5.106.0-rc1","v5.107.0","v5.107.0-rc1","v5.108.0","v5.108.0-rc1","v5.109.0","v5.109.0-rc1","v5.110.0","v5.110.0-rc1","v5.111.0","v5.111.0-rc1","v5.112.0","v5.112.0-rc1","v5.113.0","v5.113.0-rc1","v5.114.0","v5.114.0-rc1","v5.115.0","v5.115.0-rc1","v5.116.0","v5.116.0-rc1","v5.245.0","v5.246.0","v5.247.0","v5.248.0","v5.249.0","v5.99.0","v5.99.0-rc1","v6.0.0","v6.1.0","v6.10.0","v6.10.0-rc1","v6.2.0","v6.3.0","v6.3.0-rc1","v6.4.0","v6.4.0-rc1","v6.5.0","v6.5.0-rc1","v6.6.0","v6.6.0-rc1","v6.7.0","v6.7.0-rc1","v6.8.0","v6.8.0-rc1","v6.9.0","v6.9.0-rc1"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2022-1141.yaml"}}],"schema_version":"1.7.3"}