OSV-2018-48

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/freetype2/OSV-2018-48.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2018-48

Published

2021-01-13T00:00:26.415724Z

Modified

2022-04-13T03:04:34.932440Z

Summary

Heap-buffer-overflow in PCF_Glyph_Load

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9524

Crash type: Heap-buffer-overflow READ 2
Crash state:
PCF_Glyph_Load
FT_Load_Glyph
ftfuzzer.cc

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9524

Affected packages

OSS-Fuzz / freetype2

Package

Name: freetype2
Purl: pkg:generic/freetype2

Affected ranges

Type: GIT
Repo: https://github.com/freetype/freetype2-testing.git
Events: Introduced

53e3af654d5491e6481747a28d425cda3f73cb12

Fixed

8f0427985b16b0cea6779391fa7b89cecd156b2f

Ecosystem specific

{
    "introduced_range": "20cbff1970d10e1f7086a5ef89ada4229481bb1e:f646e9f4598f261ebcef6f989c883428987f4975",
    "severity": "MEDIUM",
    "fixed_range": "f646e9f4598f261ebcef6f989c883428987f4975:8f0427985b16b0cea6779391fa7b89cecd156b2f"
}