OSV-2024-450

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/trafficserver/OSV-2024-450.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-450

Published

2024-05-08T00:13:15.436703Z

Modified

2024-05-08T00:13:15.437003Z

Summary

Use-of-uninitialized-value in ink_filepath_merge

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68468

Crash type: Use-of-uninitialized-value
Crash state:
ink_filepath_merge
layout_relative
Layout::Layout

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68468

Affected packages

OSS-Fuzz / trafficserver

Package

Name: trafficserver
Purl: pkg:generic/trafficserver

Affected ranges

Type: GIT
Repo: https://github.com/apache/trafficserver.git
Events: Introduced

4d0f7c9fcbc36dbf481bac3c1eedad6c0f9a5c36

Fixed

7ad84419432b0807578a59efbf63a3a8226ed1f3

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "5d01b8c858ba531d90c216eed5778d87c9018ca8:051929c978f239e9687322ff44689b44be42414c",
    "fixed_range": "051929c978f239e9687322ff44689b44be42414c:7ad84419432b0807578a59efbf63a3a8226ed1f3"
}