OSV-2018-142

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/freetype2/OSV-2018-142.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-142

Published

2021-01-13T00:01:01.333392Z

Modified

2022-04-13T03:04:34.888420Z

Summary

UNKNOWN READ in cff_decoder_parse_charstrings

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11157

Crash type: UNKNOWN READ
Crash state:
cff_decoder_parse_charstrings
cff_slot_load
FT_Load_Glyph

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11157

Affected packages

OSS-Fuzz / freetype2

Package

Name: freetype2
Purl: pkg:generic/freetype2

Affected ranges

Type: GIT
Repo: https://github.com/freetype/freetype2-testing.git
Events: Introduced

731c059129aeb228ea62d8cad40c71dcaa9530b2

Fixed

f3e8aba79174d95cfb222a0af5ce377cc22ecc1a

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "f926f1a2f4dbbc61fcae96da71ba65de5280b94d:4fa3193a6e42c6e65bea0698c85d5a4792e2351c",
    "fixed_range": "e9d2381ddc89ee53cfeb051429628f59416ba7e7:f3e8aba79174d95cfb222a0af5ce377cc22ecc1a"
}