OSV-2020-1158

Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2020-1158.yaml
Published
2020-07-22T21:49:52.056163Z
Modified
2021-06-23T06:26:17.401566Z
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18802

Crash type: Use-of-uninitialized-value Crash state: JBIG2HuffmanDecoder::buildTable JBIG2Stream::readTextRegionSeg JBIG2Stream::readSegments

References

Affected packages

OSS-Fuzz / poppler

poppler

Affected versions

poppler-0.*

poppler-0.65.0
poppler-0.66.0
poppler-0.67.0
poppler-0.68.0
poppler-0.69.0
poppler-0.70.0
poppler-0.70.1
poppler-0.71.0
poppler-0.72.0
poppler-0.73.0
poppler-0.74.0
poppler-0.75.0
poppler-0.76.0
poppler-0.76.1
poppler-0.77.0
poppler-0.78.0
poppler-0.79.0
poppler-0.80.0
poppler-0.81.0
poppler-0.82.0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "unknown:c9e2dc7ea7e098875e6b93566bdb1d14451c3673",
    "fixed_range": "280c096521d92f6c165f53021110828ad0174c12:8b4a2891d9e4ca8ac835527cc7d114ab08e89ea7"
}