OSV-2024-80

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2024-80.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-80

Published

2024-02-07T00:03:02.923052Z

Modified

2024-04-29T11:39:24.480321Z

Summary

Stack-buffer-overflow in line_join_points

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66455

Crash type: Stack-buffer-overflow WRITE 4
Crash state:
line_join_points
stroke_add_compat
gx_stroke_path_only

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66455

Affected packages

OSS-Fuzz / ghostscript

Package

Name: ghostscript
Purl: pkg:generic/ghostscript

Affected ranges

Type: GIT
Repo: git://git.ghostscript.com/ghostpdl.git
Events: Introduced

ee290c1aebaa172c812f21024af2dbf721fa5865

Introduced

eb9fc0106d45d1ce81ab2c4ae1a3d6e90a8c0164

Fixed

0782358e011f158ba5c49137189e5ee320580af2

Affected versions

ghostpdl-10.*

ghostpdl-10.0.0

ghostpdl-10.0.0rc2

ghostpdl-10.01.0

ghostpdl-10.01.0rc1

ghostpdl-10.01.0rc2

ghostpdl-10.01.1

ghostpdl-10.01.1-gse-10174

ghostpdl-10.01.2

ghostpdl-10.02.0

ghostpdl-10.02.0-test-base-001

ghostpdl-10.02.0rc1

ghostpdl-10.02.0rc2

ghostpdl-10.02.1

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "introduced_range": "19c421c10385b89da8564d664c2c5679c7558035:1f56d7736465c45a2785d6bb3db1c37289599b40",
    "fixed_range": "b49bf7ac006c50d8ee65bf682e1fe22668cee5ea:0782358e011f158ba5c49137189e5ee320580af2"
}