—

OSV-2021-1809

Heap-buffer-overflow in ujson.cpython-38-x86_64-linux-gnu.so

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44973

``` Crash type: Heap-buffer-overflow WRITE 1 Crash state: ujson.cpython-38-x86_64-linux-gnu.so ujson.cpython-38-x86_64-linux-gnu.so ujson.cpython-38-x86_64-linux-gnu.so ```

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / ujson

Introduced in: b9275f7b001da11495040f1332f6c3adf3daa57b Fixed in: f6860f1f3d8d4e92b9be0e5815355a8976c6e75b

Fix pip install --upgrade 'ujson>=f6860f1f3d8d4e92b9be0e5815355a8976c6e75b'

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44973 [REPORT]