OSV-2022-39

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/freetype2/OSV-2022-39.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-39
Published
2022-01-14T00:00:06.951694Z
Modified
2022-04-13T03:04:34.905281Z
Summary
Stack-buffer-overflow in BZ2_decompress
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43564

Crash type: Stack-buffer-overflow READ 1
Crash state:
BZ2_decompress
BZ2_bzDecompress
ft_bzip2_file_fill_output
References

Affected packages

OSS-Fuzz / freetype2

Package

Name
freetype2
Purl
pkg:generic/freetype2

Affected ranges

Type
GIT
Repo
https://github.com/freetype/freetype2-testing.git
Events
Introduced
3c052a837a3c960709227a0d6ddd256e87b88853
Fixed
0eb700d45bb00af96bff247efc79cee58dbfa4ed

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "introduced_range": "e3ac6a743c4871c0b6de35e097248824a5454c40:84057a41a887fb82032a2a8de36192af961be27c"
}