OSV-2024-420 Use-of-uninitialized-value in Lexer::Error

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68397 Crash type: Use-of-uninitialized-value Crash state: Lexer::Error ManifestParser::ParseRule ManifestParser::Parse...

OSV-2024-409 Use-of-uninitialized-value in Lexer::ReadToken

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68486 Crash type: Use-of-uninitialized-value Crash state: Lexer::ReadToken ManifestParser::Parse Parser::Load...

PT-2024-40761 · Git +1 · Tinyusb

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" as reported by OSS-Fuzz. The crash state involves cdc task and fuzz.cc, indicating a...

OSV-2024-404 Use-of-uninitialized-value in avifSequenceHeaderParse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68568 Crash type: Use-of-uninitialized-value Crash state: avifSequenceHeaderParse avifDecoderReset avifDecoderParse...

OSV-2024-403 UNKNOWN READ in mem_planar_put_image_slow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68566 Crash type: UNKNOWN READ Crash state: memplanarputimageslow pdf14cmykspotputimage gxupdatepdf14compositor...

OSV-2024-402 Stack-buffer-overflow in SwiftProtobuf.TextFormatScanner.

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68485 Crash type: Stack-buffer-overflow READ 1 Crash state: SwiftProtobuf.TextFormatScanner. SwiftProtobuf.TextFormatScanner. function signature specialization Arg...

PT-2024-40754 · Unknown · Swiftprotobuf

Name of the Vulnerable Software and Affected Versions: SwiftProtobuf affected versions not specified Description: The issue is related to a stack-buffer-overflow read in the SwiftProtobuf.TextFormatScanner function. This is indicated by an OSS-Fuzz report, which details a crash type of...

OSV-2024-400 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68380 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF8.updatePositions java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop...

OSV-2024-398 Use-of-uninitialized-value in wabt::BinaryReaderObjdump::PrintInitExpr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65975 Crash type: Use-of-uninitialized-value Crash state: wabt::BinaryReaderObjdump::PrintInitExpr wabt::BinaryReaderObjdump::EndInitExpr wabt::BinaryReaderObjdump::EndGlobalInitExpr...

OSV-2024-396 UNKNOWN READ in jvp_object_free

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65942 Crash type: UNKNOWN READ Crash state: jvpobjectfree jvfree jvequal...

OSV-2024-395 Use-of-uninitialized-value in pcapint_filter_with_aux_data

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66124 Crash type: Use-of-uninitialized-value Crash state: pcapintfilterwithauxdata pcapintfilter pcapofflinefilter...

PT-2024-40750 · Git +1 · Jq

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to an unknown read issue, as reported by OSS-Fuzz. The crash state involves functions such as jvp object free, jv free, and jv equal...

glib: Timeout in fuzz_variant_text

A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect gli...

OSV-2024-393 Heap-buffer-overflow in pcpp::BgpLayer::getHeaderLen

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67346 Crash type: Heap-buffer-overflow READ 2 Crash state: pcpp::BgpLayer::getHeaderLen pcpp::Packet::shortenLayer pcpp::BgpUpdateMessageLayer::setPathAttributes...

OSV-2024-391 Security exception in org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68324 Crash type: Security exception Crash state: org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII...

OSV-2024-390 Heap-buffer-overflow in H5O__cache_chk_serialize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67889 Crash type: Heap-buffer-overflow READ Crash state: H5Ocachechkserialize H5Cgenerateimage H5Cflushsingleentry...

OSV-2024-389 Heap-buffer-overflow in JS_CallInternal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67611 Crash type: Heap-buffer-overflow READ 1 Crash state: JSCallInternal asyncfuncresume jsasyncfunctionresume...

OSV-2024-384 Heap-use-after-free in json_fixed_string

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67528 Crash type: Heap-use-after-free WRITE 11 Crash state: jsonfixedstring jsonRNUMBERHeader dwgreadjson...

OSV-2024-382 UNKNOWN READ in pcpp::Packet::destructPacketData

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67193 Crash type: UNKNOWN READ Crash state: pcpp::Packet::destructPacketData Packet.h...

OSV-2024-380 Heap-use-after-free in H5FL__blk_gc_list

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67830 Crash type: Heap-use-after-free READ 8 Crash state: H5FLblkgclist H5FLblkfree H5Ofree...