30 matches found
GHSA-4JQ9-2XHW-JPX7 Java: DoS Vulnerability in JSON-JAVA
Summary A denial of service vulnerability in JSON-Java was discovered by ClusterFuzz. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: 1 the parser bug can be used to circumvent a check that is supposed to...
gitea -- multiple vulnerabilities
The Gitea Team reports for release 1.13.7: Update to bluemonday-1.0.6 Clusterfuzz found another way...
[SECURITY] [DLA 2612-1] leptonlib security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2612-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz March 31, 2021 https://wiki.debian.org/LTS -...
gitea -- multiple vulnerabilities
The Gitea Team reports for release 1.13.6: Fix bug on avatar middleware Fix another clusterfuzz identified issue...
OSS-Fuzz - Continuous Fuzzing Of Open Source Software
Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of...
Microsoft Internet Explorer: READ in CAnimatablePropertyListElement::GetCurrentValues:
Clusterfuzz crash Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: Not exploitable other than for crashing a browser, probably not that useful though. Assessed Attacker Value: 1 Assessed Attacker Value: 1Assessed Attacker Value: 5...
libreoffice: Heap-buffer-overflow in MakePreview
Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5385827211280384 Project: libreoffice Fuzzer: libFuzzerlibreofficeepsfuzzer Fuzz target binary: epsfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...
lcms: Heap-buffer-overflow in TetrahedralInterpFloat
Project: https://github.com/mm2/Little-CMS.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5333448038285312 Project: lcms Fuzzer: libFuzzerlcmscmstransformfuzzer Fuzz target binary: cmstransformfuzzer Job Type: libfuzzerasanlcms Platform Id: linux Crash Type:...
libtsm: Global-buffer-overflow in vte_write_debug
Project: git://people.freedesktop.org/dvdhrm/libtsm Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5588673684832256 Project: libtsm Fuzzer: libFuzzerlibtsmfuzzer Fuzz target binary: libtsmfuzzer Job Type: libfuzzerasanlibtsm Platform Id: linux Crash Type:...
libreoffice: Crash in WinMtfOutput::DrawText
Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6116030539628544 Project: libreoffice Fuzzer: libFuzzerlibreofficewmffuzzer Fuzz target binary: wmffuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...
libass: Attempting free in ass_free_track
Project: https://github.com/libass/libass.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6177355424858112 Project: libass Fuzzer: libFuzzerlibassfuzzer Fuzz target binary: libassfuzzer Job Type: libfuzzerasanlibass Platform Id: linux Crash Type: Attempting free Crash...
irssi: Attempting free in g_string_append_vprintf
Project: https://github.com/irssi/irssi.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4984573649747968 Project: irssi Fuzzer: libFuzzerirssiirssi-fuzz Fuzz target binary: irssi-fuzz Job Type: libfuzzerasanirssi Platform Id: linux Crash Type: Attempting free Crash...
json: Use-of-uninitialized-value in nlohmann::basic_json<std::__1::map, std::__1::vector, std::__1::basic_string<cha
Project: https://github.com/nlohmann/json.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6051806467588096 Project: json Fuzzer: libFuzzerjsonfuzzer-parsecbor Fuzz target binary: fuzzer-parsecbor Job Type: libfuzzermsanjson Platform Id: linux Crash Type:...
freetype2: Heap-buffer-overflow in cff_parser_run
Project: https://github.com/freetype/freetype2-testing.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5067461904826368 Project: freetype2 Fuzzer: libFuzzerfreetype2ftfuzzer Fuzz target binary: ftfuzzer Job Type: libfuzzerasanfreetype2 Platform Id: linux Crash Type:...
lcms: Crash in NextCh
Project: https://github.com/mm2/Little-CMS.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=6555791318319104 Project: lcms Fuzzer: libFuzzerlcmscmsIT8loadfuzzer Fuzz target binary: cmsIT8loadfuzzer Job Type: libfuzzerasanlcms Platform Id: linux Crash Type: UNKNOWN READ...
libarchive: Heap-buffer-overflow in lzx_decode_blocks
Project: https://github.com/libarchive/libarchive.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5879290751090688 Project: libarchive Fuzzer: libFuzzerlibarchivefuzzer Fuzz target binary: libarchivefuzzer Job Type: libfuzzerasanlibarchive Platform Id: linux Crash Type:...
icu: Heap-buffer-overflow in utext_previous32_58
Project: https://github.com/unicode-org/icu.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5560648738013184 Project: icu Fuzzer: libFuzzericuucasemapfuzzer Fuzz target binary: ucasemapfuzzer Job Type: libfuzzerasanicu Platform Id: linux Crash Type: Heap-buffer-overflow...
libarchive: Heap-buffer-overflow in archive_le32dec
Project: https://github.com/libarchive/libarchive.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=4591448766808064 Target: libarchive Fuzzer: libFuzzerlibarchivefuzzer Fuzzer binary: libarchivefuzzer Job Type: libfuzzerasanlibarchive Platform Id: linux Crash Type:...
libtsm: Global-buffer-overflow in vte_write_debug
Project: git://people.freedesktop.org/dvdhrm/libtsm Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5429041452548096 Target: libtsm Fuzzer: libFuzzerlibtsmfuzzer Fuzzer binary: libtsmfuzzer Job Type: libfuzzerasanlibtsm Platform Id: linux Crash Type: Global-buffer-overflow...
libtsm: Global-buffer-overflow in vte_write_debug
Project: git://people.freedesktop.org/dvdhrm/libtsm Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5397754897498112 Target: libtsm Fuzzer: libFuzzerlibtsmfuzzer Fuzzer binary: libtsmfuzzer Job Type: libfuzzerasanlibtsm Platform Id: linux Crash Type: Global-buffer-overflow...