{"id":"OSV-2022-289","summary":"Heap-buffer-overflow in add_compile_string","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46086\n\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nadd_compile_string\ncompile_tree\ncompile_tree\n","modified":"2023-02-24T02:02:17.563669Z","published":"2022-03-30T00:01:45.027746Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46086"}],"affected":[{"package":{"name":"fluent-bit","ecosystem":"OSS-Fuzz","purl":"pkg:generic/fluent-bit"},"ranges":[{"type":"GIT","repo":"https://github.com/fluent/fluent-bit/","events":[{"introduced":"e59f16b1168fca4046fff219ba9ae4e20dee6610"},{"fixed":"9cc2ff55a146b2b3e8c321a87920c0d39a2b2ba6"},{"fixed":"3c13edab76389a7412deef12ac61a25b85f00c39"}]}],"versions":["ci-release-test","unstable","unstable-master","v1.9.0","v1.9.0-ci-test-1","v1.9.0-rc1","v1.9.0-rc2","v1.9.0-rc3","v1.9.0-rc4","v1.9.1","v1.9.2","v1.9.3","v1.9.4","v1.9.5","v1.9.6","v1.9.7","v1.9.8","v1.9.9","v1.9.10"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2022-289.yaml"}}],"schema_version":"1.7.3"}