OSV-2024-450

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/trafficserver/OSV-2024-450.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-450
Published
2024-05-08T00:13:15.436703Z
Modified
2024-05-08T00:13:15.437003Z
Summary
Use-of-uninitialized-value in ink_filepath_merge
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68468

Crash type: Use-of-uninitialized-value
Crash state:
ink_filepath_merge
layout_relative
Layout::Layout
References

Affected packages

OSS-Fuzz / trafficserver

Package

Name
trafficserver
Purl
pkg:generic/trafficserver

Affected ranges

Type
GIT
Repo
https://github.com/apache/trafficserver.git
Events
Introduced
4d0f7c9fcbc36dbf481bac3c1eedad6c0f9a5c36
Fixed
7ad84419432b0807578a59efbf63a3a8226ed1f3

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

fixed_range

"051929c978f239e9687322ff44689b44be42414c:7ad84419432b0807578a59efbf63a3a8226ed1f3"

introduced_range

"5d01b8c858ba531d90c216eed5778d87c9018ca8:051929c978f239e9687322ff44689b44be42414c"

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/trafficserver/OSV-2024-450.yaml"