OSV-2020-2103

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/miniz/OSV-2020-2103.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2103
Published
2020-10-29T00:00:44.282393Z
Modified
2022-04-13T03:04:40.057613Z
Summary
Use-of-uninitialized-value in tinfl_decompress
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26682

Crash type: Use-of-uninitialized-value
Crash state:
tinfl_decompress
mz_inflate
mz_uncompress2
References

Affected packages

OSS-Fuzz / miniz

Package

Name
miniz
Purl
pkg:generic/miniz

Affected ranges

Type
GIT
Repo
https://github.com/richgel999/miniz.git
Events
Introduced
1e7621d96cb9d0821c61db6f4e3ef36ddc19b0cd
Fixed
9457abb670a2c0a9f907d353bdf257593d0498a5
Fixed
cd659959530d5a890d1ec75bc445819d88183ff1

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "209ba6540c56b0428c58a8064e222de96567b7f6:cd659959530d5a890d1ec75bc445819d88183ff1"
}