OSV-2024-1310

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libjpeg-turbo/OSV-2024-1310.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1310
Published
2024-11-15T00:03:32.569897Z
Modified
2024-11-15T00:03:32.570195Z
Summary
Use-of-uninitialized-value in decompress_yuv.cc
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=378750938

Crash type: Use-of-uninitialized-value
Crash state:
decompress_yuv.cc
References

Affected packages

OSS-Fuzz / libjpeg-turbo

Package

Name
libjpeg-turbo
Purl
pkg:generic/libjpeg-turbo

Affected ranges

Type
GIT
Repo
https://github.com/libjpeg-turbo/libjpeg-turbo
Events
Introduced
46bdedf463de55de9aea68d2060f83d613c6a906
Fixed
0253e338861f1b15ccf530f83d0d2914d6235e0a

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "introduced_range": "f02b7209b2ac280d9078224551cf34a08003c862:884bbf73da3c2cb67e958311330b0128cf97005e"
}