OSV-2024-1029 Stack-buffer-overflow in gf_hevc_parse_nalu_bs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71146 Crash type: Stack-buffer-overflow WRITE 4 Crash state: gfhevcparsenalubs gfinspectdumpnaluinternal inspectprocess...

OSV-2024-1023 Use-of-uninitialized-value in pcpp::SomeIpLayer::parseSomeIpLayer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69526 Crash type: Use-of-uninitialized-value Crash state: pcpp::SomeIpLayer::parseSomeIpLayer pcpp::SomeIpLayer::parseNextLayer pcpp::Packet::setRawPacket...

OSV-2024-1018 Security exception in org.springframework.expression.spel.ast.OpPlus.getValueInternal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67071 Crash type: Security exception Crash state: org.springframework.expression.spel.ast.OpPlus.getValueInternal org.springframework.util.ConcurrentReferenceHashMap$Segment.restructureIfNecessa...

OSV-2024-1009 Heap-buffer-overflow in pcpp::Layer::shortenLayer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66778 Crash type: Heap-buffer-overflow WRITE 9 Crash state: pcpp::Layer::shortenLayer pcpp::TextBasedProtocolMessage::removeField readParsedPacket...

OSV-2024-1010 UNKNOWN READ in H5SL_first

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69169 Crash type: UNKNOWN READ Crash state: H5SLfirst H5FSsectfind H5MFfindsect...

OSV-2024-1003 Security exception in org.json.JSONStringer.value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66272 Crash type: Security exception Crash state: org.json.JSONStringer.value org.json.JSONArray.writeTo org.json.JSONStringer.beforeValue...

OSV-2024-996 Use-of-uninitialized-value in cups_array_find

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69548 Crash type: Use-of-uninitialized-value Crash state: cupsarrayfind cupsArrayFind cupsStrAlloc...

OSV-2024-994 Use-of-uninitialized-value in packet_parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71124 Crash type: Use-of-uninitialized-value Crash state: packetparse packetget1 packetget...

OSV-2024-988 UNKNOWN WRITE in SHA224Result

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68417 Crash type: UNKNOWN WRITE Crash state: SHA224Result mdmapsh224 stack...

OSV-2024-985 Heap-double-free in libssh2_default_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69362 Crash type: Heap-double-free Crash state: libssh2defaultfree sessionfree libssh2sessionfree...

OSV-2024-983 UNKNOWN READ in ireclaim

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537430 Crash type: UNKNOWN READ Crash state: ireclaim interpreclaim gsmainfinit...

OSV-2024-978 Stack-buffer-overflow in narrow_conv_backprop

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537498 Crash type: Stack-buffer-overflow WRITE 4 Crash state: narrowconvbackprop narrowconvbackprop narrowconvbackprop...

OSV-2024-969 Security exception in com.github.javaparser.GeneratedJavaParser.Expression

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70881 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.ClassLoader.defineClass1 java.base/java.lang.ClassLoader.defineClass...

OSV-2024-967 Heap-buffer-overflow in pcpp::byteArrayToHexString

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68520 Crash type: Heap-buffer-overflow READ 1 Crash state: pcpp::byteArrayToHexString pcpp::PacketTrailerLayer::toString FuzzTarget.cpp...

OSV-2024-965 Stack-buffer-overflow in FLAC__stream_encoder_init_ogg_file

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42537419 Crash type: Stack-buffer-overflow READ 13 Crash state: FLACstreamencoderinitoggfile EncoderSessioninitencoder flacencodefile...

OSV-2024-964 Security exception in com.alibaba.fastjson2.JSONPathSegment$CycleNameSegment$MapLoop.accept

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69767 Crash type: Security exception Crash state: com.alibaba.fastjson2.JSONPathSegment$CycleNameSegment$MapLoop.accept java.base/java.util.ArrayList.forEach java.base/java.nio.charset.CharsetEncoder...

OSV-2024-963 Heap-buffer-overflow in GfxTilingPattern::scanXObjectForBlendMode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68412 Crash type: Heap-buffer-overflow READ 1 Crash state: GfxTilingPattern::scanXObjectForBlendMode GfxTilingPattern::scanSoftMaskForBlendMode GfxTilingPattern::scanExtGStateForBlendMode...

OSV-2024-957 Heap-buffer-overflow in pcpp::computeChecksum

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66025 Crash type: Heap-buffer-overflow READ 2 Crash state: pcpp::computeChecksum pcpp::computePseudoHdrChecksum pcpp::TcpLayer::calculateChecksum...

OSV-2024-951 Index-out-of-bounds in hevc_ref_pic_lists_modification

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71054 Crash type: Index-out-of-bounds Crash state: hevcrefpiclistsmodification gfhevcparsenalubs gfinspectdumpnaluinternal...

OSV-2024-947 Heap-buffer-overflow in pcpp::SomeIpSdEntry::SomeIpSdEntry

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68654 Crash type: Heap-buffer-overflow READ 1 Crash state: pcpp::SomeIpSdEntry::SomeIpSdEntry pcpp::SomeIpSdLayer::getEntries readParsedPacket...