{"id":"OSV-2022-486","summary":"Heap-buffer-overflow in frame_get_vlmetalayers","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48052\n\n```\nCrash type: Heap-buffer-overflow READ {*}\nCrash state:\nframe_get_vlmetalayers\nframe_to_schunk\nblosc2_schunk_from_buffer\n```\n","modified":"2024-10-02T14:11:20.344165Z","published":"2022-06-17T00:00:08.687092Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48052"}],"affected":[{"package":{"name":"c-blosc2","ecosystem":"OSS-Fuzz","purl":"pkg:generic/c-blosc2"},"ranges":[{"type":"GIT","repo":"https://github.com/Blosc/c-blosc2.git","events":[{"introduced":"ce9aa2247006ed182dabb922bd3536b13375c4cf"},{"fixed":"f8723dc5e4c47a123fddcae993f91b039c5540be"}]}],"versions":["v2.0.0","v2.0.0-rc2","v2.0.0.rc1","v2.0.1","v2.0.2","v2.0.3","v2.0.4","v2.1.0","v2.1.1","v2.10.0","v2.10.1","v2.10.2","v2.10.3","v2.10.4","v2.10.5","v2.11.0","v2.11.1","v2.11.2","v2.11.3","v2.12.0","v2.13.0","v2.13.1","v2.13.2","v2.14.0","v2.14.1","v2.14.2","v2.14.3","v2.14.4","v2.15.0","v2.15.1","v2.2.0","v2.3.0","v2.3.1","v2.4.0","v2.4.1","v2.4.2","v2.4.3","v2.5.0","v2.6.0","v2.6.1","v2.7.0","v2.7.1","v2.8.0","v2.9.0","v2.9.1","v2.9.2","v2.9.3"],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/c-blosc2/OSV-2022-486.yaml"}}],"schema_version":"1.7.3"}