{"id":"OSV-2023-893","summary":"Heap-buffer-overflow in initialize_encryption_key","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62542\n\n```\nCrash type: Heap-buffer-overflow READ {*}\nCrash state:\ninitialize_encryption_key\ncli_ole2_extract\ncli_scanole2\n```\n","modified":"2023-09-22T14:00:41.559861Z","published":"2023-09-22T14:00:41.559553Z","withdrawn":"2023-10-06T07:19:13.117696Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62542"}],"affected":[{"package":{"name":"clamav","ecosystem":"OSS-Fuzz","purl":"pkg:generic/clamav"},"ranges":[{"type":"GIT","repo":"https://github.com/Cisco-Talos/clamav.git","events":[{"introduced":"863cd51e1d5813d50c8adea9d3bc5f7d3f26f51c"}]}],"versions":["clamav-1.0.0","clamav-1.0.0-rc","clamav-1.0.0-rc2","clamav-1.0.1","clamav-1.0.2","clamav-1.0.3","clamav-1.1.0","clamav-1.1.0-rc","clamav-1.1.1","clamav-1.1.2","clamav-1.2.0","clamav-1.2.0-rc"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-893.yaml"}}],"schema_version":"1.7.3"}