OSV-2018-233

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mupdf/OSV-2018-233.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-233

Published

2021-01-15T00:00:01.575682Z

Modified

2022-04-13T03:04:31.376583Z

Summary

Use-of-uninitialized-value in _cmsReadHeader

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5936

Crash type: Use-of-uninitialized-value
Crash state:
_cmsReadHeader
cmsOpenProfileFromMemTHR
fz_lcms_init_profile

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5936

Affected packages

OSS-Fuzz / mupdf

Package

Name: mupdf
Purl: pkg:generic/mupdf

Affected ranges

Type: GIT
Repo: git://git.ghostscript.com/mupdf.git
Events: Introduced

11ee2bcf4d23bcb443d6b39caa2ac62fdd9920b2

Fixed

a6cbde55a4bc8095556d5b0e134e51d7ac946805

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "9086386263154498dcb18c96f1e1630903b21a3c:d9bc8c6f7fb2e3ec7035bebaaee0edcf59287705",
    "fixed_range": "4dcc6affe04368461310a21238f7e1871a752a05:a6cbde55a4bc8095556d5b0e134e51d7ac946805"
}