OSV-2023-739

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2023-739.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-739
Published
2023-08-25T14:02:18.323225Z
Modified
2023-08-25T14:02:18.323527Z
Summary
UNKNOWN READ in OT::glyph_variations_t::create_from_glyphs_var_data
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61724

Crash type: UNKNOWN READ
Crash state:
OT::glyph_variations_t::create_from_glyphs_var_data
OT::gvar::decompile_glyph_variations
OT::gvar::instantiate
References

Affected packages

OSS-Fuzz / harfbuzz

Package

Name
harfbuzz
Purl
pkg:generic/harfbuzz

Affected ranges

Type
GIT
Repo
https://github.com/harfbuzz/harfbuzz.git
Events
Introduced
5a4694b6934f9e3ca3dc89cc905b4351920085b6
Fixed
fd3eb2c6723c3ce241011f1d3429e48c3226af1c

Ecosystem specific 

{
    "severity": "MEDIUM"
}