PT-2024-40673 · Git +1 · Htslib

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, as reported by OSS-Fuzz. The crash occurs in the following functions: vcf parse format,...

OSV-2024-184 Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67437 Crash type: Security exception Crash state: org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse java.base/sun.util.locale.provider.LocaleProviderAdapter.getAdapter...

OSV-2024-181 Security exception in org.antlr.v4.runtime.atn.PredictionContext.fromRuleContext

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67461 Crash type: Security exception Crash state: org.antlr.v4.runtime.atn.PredictionContext.fromRuleContext org.antlr.v4.runtime.misc.MurmurHash.update org.antlr.v4.runtime.misc.MurmurHash.update...

OSV-2024-180 Heap-buffer-overflow in ixheaace_process

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67273 Crash type: Heap-buffer-overflow READ 1 Crash state: ixheaaceprocess xaacencfuzzer.cpp...

OSV-2024-177 Heap-buffer-overflow in p11_rpc_buffer_get_date_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67383 Crash type: Heap-buffer-overflow WRITE 8 Crash state: p11rpcbuffergetdatevalue p11rpcmessagegetdatevalue p11rpcmessagegetattribute...

OSV-2024-173 Heap-buffer-overflow in pcre2_fuzzsupport.c

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67381 Crash type: Heap-buffer-overflow READ 4 Crash state: pcre2fuzzsupport.c...

OSV-2024-171 Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67357 Crash type: Security exception Crash state: org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse java.base/sun.util.calendar.ZoneInfo.getLastRawOffset java.base/sun.util.calendar.ZoneInfo.getOffse...

OSV-2024-170 Use-of-uninitialized-value in pcpp::Packet::createFirstLayer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66333 Crash type: Use-of-uninitialized-value Crash state: pcpp::Packet::createFirstLayer pcpp::Packet::setRawPacket FuzzTarget.cpp...

OSV-2024-167 Security exception in com.github.javaparser.GeneratedJavaParser.Expression

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65974 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.lang.String.startsWith java.base/java.net.URL.isBuiltinStreamHandler...

OSV-2024-163 Stack-buffer-overflow in H5S_get_simple_extent_dims

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66627 Crash type: Stack-buffer-overflow WRITE 8 Crash state: H5Sgetsimpleextentdims H5Sgetsimpleextentdims MatH5ReadFieldNames...

OSV-2024-161 Heap-buffer-overflow in pcre2_fuzzsupport.c

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67297 Crash type: Heap-buffer-overflow READ 4 Crash state: pcre2fuzzsupport.c...

OSV-2024-153 Heap-buffer-overflow in od_ec_dec_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67184 Crash type: Heap-buffer-overflow READ 1 Crash state: odecdecinit aomreaderinit tileworkerhookinit...

OSV-2024-144 UNKNOWN READ in spvtools::val::ValidateAccessChain

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66956 Crash type: UNKNOWN READ Crash state: spvtools::val::ValidateAccessChain spvtools::val::MemoryPass spvtools::val::ValidateBinaryUsingContextAndValidationState...

OSV-2024-142 Heap-buffer-overflow in gf_gz_decompress_payload_ex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67043 Crash type: Heap-buffer-overflow WRITE 1 Crash state: gfgzdecompresspayloadex gfisomboxparseex gfisomboxarrayread...

OSV-2024-140 Container-overflow in WasmEdge::LLVM::Compiler::compile

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67006 Crash type: Container-overflow READ 8 Crash state: WasmEdge::LLVM::Compiler::compile WasmEdge::LLVM::Compiler::compile WasmEdge::Driver::FuzzTool...

OSV-2024-138 Security exception in com.github.javaparser.GeneratedJavaParser.Expression

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67005 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/java.util.concurrent.ConcurrentHashMap.putVal java.base/java.util.concurrent.ConcurrentHashMap.putIfAbsent...

PT-2024-40647 · Wasmedge · Wasmedge

Name of the Vulnerable Software and Affected Versions: WasmEdge affected versions not specified Description: A crash issue was identified in WasmEdge, related to a container-overflow read. The issue occurs in the compile function of the WasmEdge::LLVM::Compiler module, which is called by...

OSV-2024-137 Global-buffer-overflow in igraph_dl_yylex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66992 Crash type: Global-buffer-overflow READ 2 Crash state: igraphdlyylex igraphdlyyparse igraphreadgraphdl...

OSV-2024-135 Heap-buffer-overflow in BS_ReadByte

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66949 Crash type: Heap-buffer-overflow READ 1 Crash state: BSReadByte gfbsreadu8 dumpsei...

OSV-2024-120 Security exception in com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66743 Crash type: Security exception Crash state: com.spotify.docker.client.shaded.com.fasterxml.jackson.databind.util.TokenBuffer java.base/java.lang.StringCoding.encode java.base/java.lang.String.getBytes...