OSV-2020-2303

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2020-2303.yaml

Withdrawn

2023-07-17T01:28:00Z

Published

2021-01-18T00:00:08.864783Z

Modified

2023-07-04T14:08:33.079483Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29651

Crash type: Use-of-uninitialized-value
Crash state:
Splash::pipeRunSimpleXBGR8
Splash::drawSpan
Splash::fillWithPattern

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29651

Affected packages

OSS-Fuzz / poppler

Package

Name: poppler

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/poppler/poppler.git
Events: Introduced

2386bf37f9022cb5a9d434e30e8d8d55f4916e55

Affected versions

poppler-20.*

poppler-20.12.0

poppler-20.12.1

poppler-21.*

poppler-21.01.0

poppler-21.02.0

poppler-21.03.0

poppler-21.04.0

poppler-21.05.0

poppler-21.06.0

poppler-21.06.1

poppler-21.07.0

poppler-21.08.0

poppler-21.09.0

poppler-21.10.0

poppler-21.11.0

poppler-21.12.0

poppler-22.*

poppler-22.01.0

poppler-22.02.0

poppler-22.03.0

poppler-22.04.0

poppler-22.05.0

poppler-22.06.0

poppler-22.07.0

poppler-22.08.0

poppler-22.09.0

poppler-22.10.0

poppler-22.11.0

poppler-22.12.0

poppler-23.*

poppler-23.01.0

poppler-23.02.0

poppler-23.03.0

poppler-23.04.0

poppler-23.05.0

poppler-23.07.0

Ecosystem specific

{
    "severity": "MEDIUM"
}