{"id":"OSV-2023-455","summary":"Heap-buffer-overflow in bit_TV_to_utf8","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59571\n\n```\nCrash type: Heap-buffer-overflow WRITE 1\nCrash state:\nbit_TV_to_utf8\njson_cquote\ndwg_geojson_feature\n```\n","modified":"2023-08-05T14:19:01.096560Z","published":"2023-06-05T14:00:16.339269Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59571"}],"affected":[{"package":{"name":"libredwg","ecosystem":"OSS-Fuzz","purl":"pkg:generic/libredwg"},"ranges":[{"type":"GIT","repo":"https://github.com/LibreDWG/libredwg","events":[{"introduced":"784605ad5b9c44ba9243158cb7b4a4bcc169f130"},{"fixed":"aa1efabfa067d0ca63ce7a950ca4420755edadf2"}]}],"versions":["0.12.5.5320","0.12.5.5329","0.12.5.5333","0.12.5.5334","0.12.5.5340","0.12.5.5342","0.12.5.5344","0.12.5.5348","0.12.5.5353","0.12.5.5356","0.12.5.5364","0.12.5.5377","0.12.5.5385","0.12.5.5391","0.12.5.5393","0.12.5.5395","0.12.5.5396","0.12.5.5405","0.12.5.5411","0.12.5.5415","0.12.5.5417","0.12.5.5422","0.12.5.5429","0.12.5.5432","0.12.5.5435","0.12.5.5439","0.12.5.5442","0.12.5.5445","0.12.5.5454","0.12.5.5458","0.12.5.5462","0.12.5.5469","0.12.5.5471","0.12.5.5473","0.12.5.5474","0.12.5.5487","0.12.5.5494","0.12.5.5504","0.12.5.5506","0.12.5.5513","0.12.5.5516","0.12.5.5518","0.12.5.5521","0.12.5.5528","0.12.5.5530","0.12.5.5537","0.12.5.5539","0.12.5.5544","0.12.5.5546","0.12.5.5549","0.12.5.5552","0.12.5.5554","0.12.5.5557","0.12.5.5560","0.12.5.5563","0.12.5.5570","0.12.5.5577","0.12.5.5584","0.12.5.5625","0.12.5.5646","0.12.5.5648","0.12.5.5654","0.12.5.5656","0.12.5.5660","0.12.5.5663","0.12.5.5666","0.12.5.5667","0.12.5.5668","0.12.5.5671","0.12.5.5688","0.12.5.5691","0.12.5.5697","0.12.5.5700","0.12.5.5708","0.12.5.5710","0.12.5.5712","0.12.5.5713","0.12.5.5716","0.12.5.5720","0.12.5.5721","0.12.5.5725","0.12.5.5731","0.12.5.5733","0.12.5.5741","0.12.5.5745","0.12.5.5746","0.12.5.5748","0.12.5.5751","0.12.5.5754","0.12.5.5759","0.12.5.5761","0.12.5.5764","0.12.5.5772","0.12.5.5779","0.12.5.5784","0.12.5.5787","0.12.5.5789","0.12.5.5793","0.12.5.5796","0.12.5.5799","0.12.5.5802","0.12.5.5804","0.12.5.5806","0.12.5.5809","0.12.5.5811","0.12.5.5813","0.12.5.5822","0.12.5.5827","0.12.5.5830","0.12.5.5832","0.12.5.5837","0.12.5.5845","0.12.5.5852","0.12.5.5856","0.12.5.5859","0.12.5.5862","0.12.5.5865","0.12.5.5870","0.12.5.5875","0.12.5.5877","0.12.5.5882","0.12.5.5885","0.12.5.5887","0.12.5.5889","0.12.5.5894","0.12.5.5898","0.12.5.5903","0.12.5.5907","0.12.5.5914","0.12.5.5915","0.12.5.5922","0.12.5.5949","0.12.5.5953","0.12.5.5959","0.12.5.5962","0.12.5.5968","0.12.5.5970","0.12.5.5971","0.12.5.5975","0.12.5.5982","0.12.5.6001","0.12.5.6004","0.12.5.6010","0.12.5.6013","0.12.5.6016","0.12.5.6019","0.12.5.6022","0.12.5.6023","0.12.5.6027","0.12.5.6033","0.12.5.6037","0.12.5.6040","0.12.5.6043","0.12.5.6044","0.12.5.6046","0.12.5.6055","0.12.5.6057","0.12.5.6068"],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-455.yaml"}}],"schema_version":"1.7.3"}