OSV-2020-1306

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2020-1306

Published

2020-07-22T21:50:04.734490Z

Modified

2022-04-13T03:04:31.082150Z

Summary

Use-of-uninitialized-value in TIFFYCbCrtoRGB

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602

Crash type: Use-of-uninitialized-value
Crash state:
TIFFYCbCrtoRGB
putcontig8bitYCbCr42tile
gtTileContig

References

Affected packages

Type: GIT
Repo: https://gitlab.com/libtiff/libtiff
Events: Introduced

33f1b16788b86d4501f82678090d209364b3ca49

Fixed

1a4efdd151ed5eea231004aa6daaaf3493954876

v4.0.10

{
    "severity": "MEDIUM",
    "introduced_range": "unknown:33f1b16788b86d4501f82678090d209364b3ca49"
}