OSV-2018-24

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/freetype2/OSV-2018-24.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2018-24
Published
2021-01-13T00:00:09.684188Z
Modified
2022-04-13T03:04:34.894025Z
Summary
Heap-buffer-overflow in pcf_get_encodings
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9608

Crash type: Heap-buffer-overflow READ 1
Crash state:
pcf_get_encodings
pcf_load_font
PCF_Face_Init
References

Affected packages

OSS-Fuzz / freetype2

Package

Name
freetype2
Purl
pkg:generic/freetype2

Affected ranges

Type
GIT
Repo
https://github.com/freetype/freetype2-testing.git
Events
Introduced
53e3af654d5491e6481747a28d425cda3f73cb12
Fixed
153f912edc0e1d7f9391bba9c838da558ae3586f
Fixed
cfb8fffac5686716c8e5a9b8768a83fef225e112

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "20cbff1970d10e1f7086a5ef89ada4229481bb1e:f646e9f4598f261ebcef6f989c883428987f4975"
}

Database specific 

{
    "fixed_range": "4b764cdd4664f8a0a195bd24940e6e618c5dea59:cfb8fffac5686716c8e5a9b8768a83fef225e112"
}