OSV-2022-97

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2022-97.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-97
Published
2022-01-29T00:00:27.567705Z
Modified
2022-04-13T03:04:34.418274Z
Summary
Heap-buffer-overflow in gs_interpret
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44123

Crash type: Heap-buffer-overflow WRITE 16
Crash state:
gs_interpret
gs_main_run_string_with_length
gs_main_run_string
References

Affected packages

OSS-Fuzz / ghostscript

Package

Name
ghostscript
Purl
pkg:generic/ghostscript

Affected ranges

Type
GIT
Repo
git://git.ghostscript.com/ghostpdl.git
Events
Introduced
4297fa6c36ccd90859f2cc13f563d87326b0705a
Fixed
2c3bee693aca9204b5c138bd3e1fbeff83123c5d

Affected versions

ghostpdl-9.*

ghostpdl-9.55.0
ghostpdl-9.55.0rc1
ghostpdl-9.56.0-test-base-0
ghostpdl-9.56.0-test-base-2
ghostpdl-9.56.0-test-base-3
ghostpdl-9.56.0-test-base-4

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "introduced_range": "b0bbf56c2746bfe21293451594fa56d8cc881e78:a9bd3dec9fde03327a4a2c69dad1036bf9632e20"
}