OSV-2020-1060

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/c-blosc2/OSV-2020-1060.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1060

Published

2020-07-22T21:49:44.144864Z

Modified

2022-04-13T03:04:40.321980Z

Summary

Use-of-uninitialized-value in ZSTD_createDDict_advanced

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23732

Crash type: Use-of-uninitialized-value
Crash state:
ZSTD_createDDict_advanced
ZSTD_createDDict
blosc_run_decompression_with_context

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23732

Affected packages

OSS-Fuzz / c-blosc2

Package

Name: c-blosc2
Purl: pkg:generic/c-blosc2

Affected ranges

Type: GIT
Repo: https://github.com/Blosc/c-blosc2.git
Events: Introduced

47574561c110f8065d64affc43df744ec236b04b

Fixed

a83f4780ccd23eee46541d5789b9be1c1f6f696c

Ecosystem specific

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:47574561c110f8065d64affc43df744ec236b04b",
    "fixed_range": "af587e54bc8fd6019585d9a6d001b62a2fc240a1:a83f4780ccd23eee46541d5789b9be1c1f6f696c"
}