{"id":"OSV-2023-46","summary":"Heap-buffer-overflow in json_cquote","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55607\n\n```\nCrash type: Heap-buffer-overflow WRITE 1\nCrash state:\njson_cquote\njson_preR13_header_write_private\ndwg_write_json\n```\n","modified":"2023-02-15T22:57:59.567156Z","published":"2023-02-03T13:01:48.067659Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55607"}],"affected":[{"package":{"name":"libredwg","ecosystem":"OSS-Fuzz","purl":"pkg:generic/libredwg"},"ranges":[{"type":"GIT","repo":"https://github.com/LibreDWG/libredwg","events":[{"introduced":"db754b7f16ca013957db181809853f80c9f2f2df"},{"fixed":"80f3c7884477e84d70f31a61fa8059992040ae9a"}]}],"versions":["0.12.5.4760","0.12.5.4763","0.12.5.4765","0.12.5.4772","0.12.5.4776","0.12.5.4780","0.12.5.4784","0.12.5.4787","0.12.5.4797","0.12.5.4803","0.12.5.4805","0.12.5.4815","0.12.5.4820","0.12.5.4823","0.12.5.4825","0.12.5.4831","0.12.5.4833","0.12.5.4835","0.12.5.4837","0.12.5.4838","0.12.5.4852","0.12.5.4859","0.12.5.4865","0.12.5.4873","0.12.5.4881","0.12.5.4885","0.12.5.4887","0.12.5.4890","0.12.5.4893","0.12.5.4896","0.12.5.4911","0.12.5.4913","0.12.5.4915","0.12.5.4925","0.12.5.4931","0.12.5.4934","0.12.5.4937","0.12.5.4943","0.12.5.4944","0.12.5.4945","0.12.5.4959","0.12.5.4969","0.12.5.4998","0.12.5.5001","0.12.5.5002","0.12.5.5004","0.12.5.5007","0.12.5.5010","0.12.5.5016","0.12.5.5024","0.12.5.5028","0.12.5.5030","0.12.5.5035","0.12.5.5040","0.12.5.5044","0.12.5.5046","0.12.5.5050","0.12.5.5052","0.12.5.5060","0.12.5.5061","0.12.5.5066","0.12.5.5085","0.12.5.5091","0.12.5.5092","0.12.5.5093","0.12.5.5094","0.12.5.5095","0.12.5.5097","0.12.5.5101","0.12.5.5103","0.12.5.5104","0.12.5.5111"],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-46.yaml"}}],"schema_version":"1.7.3"}