/
OSV-2024-233.yaml
36 lines (35 loc) · 1.1 KB
/
OSV-2024-233.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
id: OSV-2024-233
summary: Use-of-uninitialized-value in WelsDec::CWelsDecoder::ReorderPicturesInDisplay
details: |
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66003
```
Crash type: Use-of-uninitialized-value
Crash state:
WelsDec::CWelsDecoder::ReorderPicturesInDisplay
WelsDec::CWelsDecoder::DecodeFrame2WithCtx
WelsDec::CWelsDecoder::DecodeFrame2
```
modified: '2024-04-29T11:29:24.123337Z'
published: '2024-04-03T00:12:42.632653Z'
references:
- type: REPORT
url: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66003
affected:
- package:
name: openh264
ecosystem: OSS-Fuzz
purl: pkg:generic/openh264
ranges:
- type: GIT
repo: https://github.com/cisco/openh264.git
events:
- introduced: 4f01c15b2199daf16924caa53f77a52e8b559260
- fixed: f86f0e47ef28fdf33b15a64eac8359cc1a88dfe6
- fixed: 7cada95045419ae5f7f12aba3e817911e6a466f9
versions:
- v2.4.1
ecosystem_specific:
severity: MEDIUM
database_specific:
fixed_range: c59550a2147c255cc8e09451f6deb96de2526b6d:f86f0e47ef28fdf33b15a64eac8359cc1a88dfe6
schema_version: 1.6.0