{"id":"OSV-2024-1186","summary":"UNKNOWN READ in cfl_sds_len","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371659893\n\n```\nCrash type: UNKNOWN READ\nCrash state:\ncfl_sds_len\nunpack_meta_opts\ncmt_mpack_unpack_map\n```\n","modified":"2025-05-13T14:48:36.393777Z","published":"2024-10-08T00:15:47.433219Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371659893"}],"affected":[{"package":{"name":"fluent-bit","ecosystem":"OSS-Fuzz","purl":"pkg:generic/fluent-bit"},"ranges":[{"type":"GIT","repo":"https://github.com/fluent/fluent-bit/","events":[{"introduced":"03afd1f185b4814a35ed5f5e81f3d4a687f114dc"},{"introduced":"4c37d914cb50b2135ea76c2dc1c16be9418ae0d4"},{"fixed":"3c8f9f27e3960de4d5ee937565943f724ff1a1e6"}]}],"versions":["v2.1.10","v2.1.5","v2.1.5-windows-artifact-fix","v2.1.6","v2.1.7","v2.1.8","v2.1.9","v2.2.0","v2.2.1","v2.2.2","v2.2.3","v3.0.0","v3.0.1","v3.0.2","v3.0.3","v3.0.4","v3.0.5","v3.0.6","v3.0.7","v3.1.0","v3.1.1","v3.1.10","v3.1.2","v3.1.3","v3.1.4","v3.1.5","v3.1.6","v3.1.7","v3.1.8","v3.1.9","v3.2.0","v3.2.1","v3.2.10","v3.2.2","v3.2.3","v3.2.4","v3.2.5","v3.2.6","v3.2.7","v3.2.8","v3.2.9","v4.0.0","v4.0.1"],"ecosystem_specific":{"severity":"MEDIUM"},"database_specific":{"introduced_range":"eabc1a10d817772dc04187201bd32d27bcc3dac6:a2105c2c2549f3a2a7e3fc61a9da72544dba2afa","fixed_range":"5905ddcb41839ba94ae430e8c10812bc89cde14b:3c8f9f27e3960de4d5ee937565943f724ff1a1e6","source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/fluent-bit/OSV-2024-1186.yaml"}}],"schema_version":"1.7.3"}