OSV-2023-27

Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2023-27.yaml
Published
2023-01-23T13:01:48.208593Z
Modified
2023-01-23T13:01:48.208833Z
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55287

Crash type: Heap-buffer-overflow READ 1
Crash state:
OT::Layout::GPOS_impl::PairSet<OT::Layout::MediumTypes>::apply
OT::Layout::GPOS_impl::PairPosFormat1_3<OT::Layout::MediumTypes>::apply
bool OT::hb_accelerate_subtables_context_t::apply_to&lt;OT::Layout::GPOS_impl::Pair
References

Affected packages

OSS-Fuzz / harfbuzz

harfbuzz

Affected versions

6.*

6.0.0

Ecosystem specific

{
    "severity": "MEDIUM"
}