12 matches found
PT-2025-34466 · Git · Clamav
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=428754704 Crash type: Invalid-free Crash state: pdf decodestream pdf extract obj cli pdf...
PT-2023-35586 · Git +1 · Opensc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including sc file clear acl entries, sc...
PT-2023-36001 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: bit chain alloc size, bit write RC, and bit ...
PT-2023-35952 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: reset context, finish metric, and cmt decode...
PT-2023-35949 · Git +1 · Ntopng
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves the Flow::Flow and GenericHash::cleanup functions. No informati...
PT-2023-35948 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions, including reset context and cmt decode...
PT-2023-35897 · Git +1 · Libjpeg-Turbo
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to an Invalid-free crash type. The crash state involves functions such as jpeg free large, jpeg abort, and jpeg finish decompress. No information is provided about...
PT-2023-35859 · Git +1 · Harfbuzz
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including hb free impl, OT::glyf:: free...
PT-2023-35831 · Assimp · Assimp
Name of the Vulnerable Software and Affected Versions: Assimp affected versions not specified Description: The issue is related to an Invalid-free crash type. It involves the Assimp::FBX::Scope::Scope and Assimp::FBX::Element::Element functions. No information is provided about the estimated numb...
PT-2023-35733 · Git +1 · Libdwarf
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to an Invalid-free crash type, as reported by OSS-Fuzz. The crash occurs in the fuzz die cu attrs.c file. No information is availabl...
PT-2022-37284 · Git +1 · Swiftnio
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. It involves the NIOHTTP1.HTTPDecoder.didFinishHead function and a protocol witness for...
AZL-35398 CVE-2018-13410 affecting package zip for versions less than 3.0-6
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service invalid free and application crash or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an...