OSV-2020-1875

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2020-1875.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1875
Published
2020-09-29T00:00:26.901998Z
Modified
2022-04-13T04:12:40.578439Z
Summary
Heap-use-after-free in dict_find_string
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20652

Crash type: Heap-use-after-free READ 8
Crash state:
dict_find_string
gs_main_tempnames
gs_main_finit
References

Affected packages

OSS-Fuzz / ghostscript

Package

Name
ghostscript
Purl
pkg:generic/ghostscript

Affected ranges

Type
GIT
Repo
git://git.ghostscript.com/ghostpdl.git
Events
Introduced
f35924926cb35f08be5a12ded4a00eb2f42aed3e
Fixed
5fc8e7c0b656d4e2be8f5e316121f06039c35273
Fixed
bbecd13cc34f3dcdcedd726e7de12c988da9794a
Fixed
f5b7acb59c4f2e88591aab9f355813e0b7b68db5

Affected versions

ghostpdl-9.*

ghostpdl-9.51rc1

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "cd5f21df6c710664ff0ba3f100ca5283d9367ed8:f5b7acb59c4f2e88591aab9f355813e0b7b68db5"
}