OSV-2020-713

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2020-713.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-713
Published
2020-07-01T00:00:26.302679Z
Modified
2022-04-13T03:04:37.253974Z
Summary
Heap-buffer-overflow in XRef::getEntry
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797

Crash type: Heap-buffer-overflow READ 4
Crash state:
XRef::getEntry
Parser::makeStream
Parser::getObj
References

Affected packages

OSS-Fuzz / poppler

Package

Name
poppler
Purl
pkg:generic/poppler

Affected ranges

Type
GIT
Repo
https://anongit.freedesktop.org/git/poppler/poppler.git
Events
Introduced
89fccf45fc5bfca3756102e6bec1950ec1d436a9
Fixed
b54e1fc3e0d2600621a28d50f9f085b9e38619c2

Affected versions

poppler-0.*

poppler-0.72.0
poppler-0.73.0

Ecosystem specific 

{
    "severity": "MEDIUM"
}