OSV-2026-600

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/skcms/OSV-2026-600.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2026-600

Published

2026-04-21T00:03:54.845282Z

Modified

2026-04-21T00:03:54.845623Z

Summary

Heap-buffer-overflow in skcms_private::baseline::clut

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504261818

Crash type: Heap-buffer-overflow READ 8
Crash state:
skcms_private::baseline::clut
skcms_private::baseline::exec_stages
skcms_private::baseline::run_program

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504261818

Affected packages

OSS-Fuzz / skcms

Package

Name: skcms
Purl: pkg:generic/skcms

Affected ranges

Type: GIT
Repo: https://skia.googlesource.com/skcms.git
Events: Introduced

15db2430b6288ac0a6b23e3f6a163fa016a3fab1

Fixed

a7a3b15f06355692d86a3b8373c579a521598f4c

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/skcms/OSV-2026-600.yaml"