OSV-2025-108

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wavpack/OSV-2025-108.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-108
Published
2025-02-10T00:12:35.140061Z
Modified
2025-02-10T00:12:35.140400Z
Summary
Use-of-uninitialized-value in decimate_dsd_run
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=395207096

Crash type: Use-of-uninitialized-value
Crash state:
decimate_dsd_run
WavpackUnpackSamples
fuzzer.cc
References

Affected packages

OSS-Fuzz / wavpack

Package

Name
wavpack
Purl
pkg:generic/wavpack

Affected ranges

Type
GIT
Repo
https://github.com/dbry/WavPack.git
Events
Introduced
b7b796375293defeae340e83d066efa33fa0d2f3
Fixed
84b576d2c627418a6453cc986b53e79bed38d653

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

introduced_range 
"22550559ef745b5bcc6117638cb3add2bc01b82c:0b99613e30cdb85475c5b77ef50a4bf10d79f041"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wavpack/OSV-2025-108.yaml"