OSV-2022-199

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2022-199.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-199
Published
2022-02-25T00:01:57.594646Z
Modified
2023-02-24T02:18:08.648171Z
Summary
Stack-buffer-overflow in check_user_password_preR5
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44983

Crash type: Stack-buffer-overflow READ {*}
Crash state:
check_user_password_preR5
pdfi_initialise_Decryption
pdfi_set_input_stream
References

Affected packages

OSS-Fuzz / ghostscript

Package

Name
ghostscript
Purl
pkg:generic/ghostscript

Affected ranges

Type
GIT
Repo
git://git.ghostscript.com/ghostpdl.git
Events
Introduced
75fbddf52051987287e62d13c659eb73ba16982f
Fixed
4a79f807fd13bd0e53bd1aad6f26066be8bf0b15
Fixed
a16917a77693e16c3a63a8a00ad782052ed5434e

Affected versions

ghostpdl-9.*
ghostpdl-9.56.0-test-base-2
ghostpdl-9.56.0-test-base-3
ghostpdl-9.56.0-test-base-4
ghostpdl-9.56.0-test-base-5
ghostpdl-9.56.0-test-base-6
ghostpdl-9.56.0rc1_release_tests_001
Other
ken_20220210_baseline
robin-test-base-0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2022-199.yaml"