OSV-2023-1344 Heap-buffer-overflow in jv_string_vfmt

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65198 Crash type: Heap-buffer-overflow READ 2 Crash state: jvstringvfmt jvstringfmt jvget...

OSV-2023-1338 Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65230 Crash type: Security exception Crash state: com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr java.base/sun.nio.cs.UTF8.updatePositions java.base/sun.nio.cs.UTF8$Encoder.encodeArrayLoop...

OSV-2023-1329 Stack-buffer-overflow in decNaNs

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65130 Crash type: Stack-buffer-overflow WRITE 2 Crash state: decNaNs decCompareOp decNumberCompare...

OSV-2023-1328 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65128 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...

OSV-2023-1327 Security exception in com.github.javaparser.CommentsInserter.insertComments

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65140 Crash type: Security exception Crash state: com.github.javaparser.CommentsInserter.insertComments java.base/java.util.Objects.equals com.github.javaparser.Position.equals...

OSV-2023-1325 UNKNOWN WRITE in zero

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65135 Crash type: UNKNOWN WRITE Crash state: zero zendexecute fuzzerdorequestfrombuffer...

OSV-2023-1322 UNKNOWN READ in ih264d_filter_boundary_left_nonmbaff

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65132 Crash type: UNKNOWN READ Crash state: ih264dfilterboundaryleftnonmbaff ih264ddeblockmbnonmbaff ih264ddecoderecontfrnmb...

OSV-2023-1320 Heap-use-after-free in memory_bstat

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65108 Crash type: Heap-use-after-free READ 8 Crash state: memorybstat bfdgetsize bfdgetfilesize...

OSV-2023-1315 Heap-use-after-free in htmlParseDocument

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65112 Crash type: Heap-use-after-free READ 1 Crash state: htmlParseDocument htmlDoRead htmlCtxtReadMemory...

OSV-2023-1312 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65059 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert isvcdvideodecode isvcdapifunction...

OSV-2023-1311 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65057 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert ih264ddecodepicturethread...

OSV-2023-1307 UNKNOWN READ in init_struct_ops_maps

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65047 Crash type: UNKNOWN READ Crash state: initstructopsmaps bpfobjectinitmaps bpfobjectopen...

OSV-2023-1306 Heap-use-after-free in pcpp::TLVRecordReader<pcpp::DhcpOption>::getTLVRecord

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65051 Crash type: Heap-use-after-free READ 1 Crash state: pcpp::TLVRecordReader::getTLVRecord pcpp::DhcpLayer::toString pcpp::Packet::toStringList...

OSV-2023-1305 Check failed in CheckUnwind

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65035 Crash type: Check failed Crash state: CheckUnwind ivalignedfree ih264dfreedynamicbufs...

OSV-2023-1303 Heap-use-after-free in htmlCurrentChar

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65043 Crash type: Heap-use-after-free READ 1 Crash state: htmlCurrentChar htmlParseComment htmlParseDocument...

OSV-2023-1302 Global-buffer-overflow in pcre_get_compiled_regex_cache_ex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65030 Crash type: Global-buffer-overflow READ 1 Crash state: pcregetcompiledregexcacheex phpreplaceinsubject pregreplacecommon...

OSV-2023-1300 Security exception in com.fasterxml.jackson.core.JsonParser.currentName

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65024 Crash type: Security exception Crash state: com.fasterxml.jackson.core.JsonParser.currentName com.fasterxml.jackson.dataformat.yaml.YAMLParser.currentName com.fasterxml.jackson.dataformat.yaml.YAMLParser.getCurrentName...

OSV-2023-1299 Global-buffer-overflow in pcre_get_compiled_regex_cache_ex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65021 Crash type: Global-buffer-overflow READ 1 Crash state: pcregetcompiledregexcacheex phpdopcrematch zifpregmatch...

OSV-2023-1298 Heap-buffer-overflow in loongarch_split_args_by_comma

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65018 Crash type: Heap-buffer-overflow READ 1 Crash state: loongarchsplitargsbycomma printinsnloongarch disassemblesection...

OSV-2023-1295 Global-buffer-overflow in libraw_tagtype_dataunit_bytes

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65027 Crash type: Global-buffer-overflow READ 4 Crash state: librawtagtypedataunitbytes checkedbuffert::tiffsget LibRaw::parseSonySR2...