OSV-2024-1062

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/poppler/OSV-2024-1062.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-1062

Published

2024-09-13T00:05:28.000784Z

Modified

2024-09-13T00:05:28.001152Z

Summary

UNKNOWN WRITE in std::__1::recursive_mutex::lock

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538230

Crash type: UNKNOWN WRITE
Crash state:
std::__1::recursive_mutex::lock
Catalog::getForm
Page::getAnnots

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538230

Affected packages

OSS-Fuzz / poppler

Package

Name: poppler
Purl: pkg:generic/poppler

Affected ranges

Type: GIT
Repo: https://gitlab.freedesktop.org/poppler/poppler.git
Events: Introduced

b8bb2e46ff289c25f097c2f6baeb21642749f761

Fixed

dacf77246ea2d9587c99eb3475db2b8a55af6815

Affected versions

poppler-24.*

poppler-24.09.0

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "introduced_range": "5a25ac7692d76f3c3e5e5850a062209f3482d85c:095789955b23bf271cc5ecb3a654c9c2df297100",
    "fixed_range": "1bce1c823a08c9bd2b63a186339601188f80c08d:dacf77246ea2d9587c99eb3475db2b8a55af6815"
}