OSV-2023-551

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2023-551.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-551
Published
2023-07-10T14:00:18.751239Z
Modified
2023-07-10T14:00:18.751501Z
Summary
Heap-buffer-overflow in OT::CmapSubtable::collect_unicodes
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60467

Crash type: Heap-buffer-overflow READ 2
Crash state:
OT::CmapSubtable::collect_unicodes
hb_face_collect_unicodes
test-ot-face.c
References

Affected packages

OSS-Fuzz / harfbuzz

Package

Name
harfbuzz
Purl
pkg:generic/harfbuzz

Affected ranges

Type
GIT
Repo
https://github.com/harfbuzz/harfbuzz.git
Events
Introduced
d84504206c420250bfe80bee25f6a59a7177c9eb
Fixed
f60dbd906a4bf89354af1ed0616a61a5099d8c1a

Ecosystem specific 

{
    "severity": "MEDIUM"
}