{"id":"OSV-2023-874","summary":"Memcpy-param-overlap in bit_u_expand","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62461\n\n```\nCrash type: Memcpy-param-overlap\nCrash state:\nbit_u_expand\nbit_TV_to_utf8\ndwg_decode_header_variables\n```\n","modified":"2023-09-18T14:01:11.021190Z","published":"2023-09-18T14:01:11.020858Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62461"}],"affected":[{"package":{"name":"libredwg","ecosystem":"OSS-Fuzz","purl":"pkg:generic/libredwg"},"ranges":[{"type":"GIT","repo":"https://github.com/LibreDWG/libredwg","events":[{"introduced":"10646ad0ed31d5291fc898d28b8c610586ef082e"},{"fixed":"36590dabf9ada4f15e5b9f86e206632c376d2b16"}]}],"versions":["0.12.5.6149","0.12.5.6157","0.12.5.6160","0.12.5.6162","0.12.5.6164","0.12.5.6169","0.12.5.6171","0.12.5.6173","0.12.5.6183","0.12.5.6187","0.12.5.6191","0.12.5.6194","0.12.5.6199","0.12.5.6203","0.12.5.6205","0.12.5.6209","0.12.5.6214","0.12.5.6216","0.12.5.6220","0.12.5.6226","0.12.5.6229","0.12.5.6231","0.12.5.6236","0.12.5.6241","0.12.5.6243","0.12.5.6245","0.12.5.6248","0.12.5.6253","0.12.5.6257","0.12.5.6263","0.12.5.6269","0.12.5.6271","0.12.5.6277","0.12.5.6279","0.12.5.6285","0.12.5.6294","0.12.5.6302","0.12.5.6306","0.12.5.6310","0.12.5.6313","0.12.5.6316","0.12.5.6319","0.12.5.6321","0.12.5.6325"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libredwg/OSV-2023-874.yaml"}}],"schema_version":"1.7.3"}