OSV-2020-2151

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/miniz/OSV-2020-2151.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-2151
Published
2020-11-13T00:00:56.838971Z
Modified
2022-04-13T03:04:40.063023Z
Summary
Use-of-uninitialized-value in tinfl_decompress
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27413

Crash type: Use-of-uninitialized-value
Crash state:
tinfl_decompress
mz_inflate
mz_uncompress2
References

Affected packages

OSS-Fuzz / miniz

Package

Name
miniz
Purl
pkg:generic/miniz

Affected ranges

Type
GIT
Repo
https://github.com/richgel999/miniz.git
Events
Introduced
1e7621d96cb9d0821c61db6f4e3ef36ddc19b0cd
Fixed
b43f8a0c22d6bae6b5416264232f57a2aca539fe

Affected versions

2.*

2.2.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "d6566206ce120069708e77eff79cf117957b419a:b43f8a0c22d6bae6b5416264232f57a2aca539fe"
}