OSV-2020-173

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2020-173.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-173
Published
2020-06-24T01:51:17.351460Z
Modified
2022-04-13T03:04:37.242270Z
Summary
Use-of-uninitialized-value in BaseCryptStream::BaseCryptStream
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20200

Crash type: Use-of-uninitialized-value
Crash state:
BaseCryptStream::BaseCryptStream
DecryptStream::DecryptStream
Parser::getObj
References

Affected packages

OSS-Fuzz / poppler

Package

Name
poppler
Purl
pkg:generic/poppler

Affected ranges

Type
GIT
Repo
https://anongit.freedesktop.org/git/poppler/poppler.git
Events
Introduced
bf03344ad26b1227b5052420feabe062441c02ed
Fixed
e249d8965c0f39bd4dcb882048535a5272f66566

Affected versions

poppler-0.*
poppler-0.66.0
poppler-0.67.0
poppler-0.68.0
poppler-0.69.0
poppler-0.70.0
poppler-0.70.1
poppler-0.71.0
poppler-0.72.0
poppler-0.73.0
poppler-0.74.0
poppler-0.75.0
poppler-0.76.0
poppler-0.76.1
poppler-0.77.0
poppler-0.78.0
poppler-0.79.0
poppler-0.80.0
poppler-0.81.0
poppler-0.82.0
poppler-0.83.0
poppler-0.84.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2020-173.yaml"