OSV-2018-367

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mupdf/OSV-2018-367.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-367

Published

2021-01-15T00:00:59.532565Z

Modified

2022-04-13T03:04:31.398810Z

Summary

Use-of-uninitialized-value in cf2_glyphpath_lineTo

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8323

Crash type: Use-of-uninitialized-value
Crash state:
cf2_glyphpath_lineTo
cf2_glyphpath_closeOpenPath
cf2_glyphpath_moveTo

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8323

Affected packages

OSS-Fuzz / mupdf

Package

Name: mupdf
Purl: pkg:generic/mupdf

Affected ranges

Type: GIT
Repo: git://git.ghostscript.com/mupdf.git
Events: Introduced

11ee2bcf4d23bcb443d6b39caa2ac62fdd9920b2

Fixed

c7f89b2484ef1448670dd862e417d395131da7f8

Affected versions

1.*

1.13.0

1.13.0-rc1

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "9086386263154498dcb18c96f1e1630903b21a3c:d9bc8c6f7fb2e3ec7035bebaaee0edcf59287705",
    "fixed_range": "319f9ba70bd8de9514d6308259190fd4e3fc74f0:c7f89b2484ef1448670dd862e417d395131da7f8"
}