OSV-2020-856

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/qpdf/OSV-2020-856.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-856
Published
2020-07-14T22:13:46.996334Z
Modified
2022-04-13T03:04:31.549307Z
Summary
Use-of-uninitialized-value in deflate_slow
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18745

Crash type: Use-of-uninitialized-value
Crash state:
deflate_slow
deflate
Pl_Flate::handleData
References

Affected packages

OSS-Fuzz / qpdf

Package

Name
qpdf
Purl
pkg:generic/qpdf

Affected ranges

Type
GIT
Repo
https://github.com/qpdf/qpdf.git
Events
Introduced
793d987b5fdd55330f2c0df532114c0ce13a25af
Fixed
232f5fc9f3bed8e1b02bca5d10b2eca444e30f95

Affected versions

release-qpdf-10.*

release-qpdf-10.0.0
release-qpdf-10.0.1

release-qpdf-9.*

release-qpdf-9.0.0
release-qpdf-9.0.1
release-qpdf-9.0.2
release-qpdf-9.1.0
release-qpdf-9.1.1
release-qpdf-9.1.rc1

Ecosystem specific 

{
    "severity": "MEDIUM"
}