cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs

Impact cert-manager packages which call the standard library pem.Decode function can take a long time to process specially crafted invalid PEM data. If an attacker is able to modify PEM data which cert-manager reads e.g. in a Secret resource, they may be able to use large amounts of CPU in the...

GHSA-R4PG-VG54-WXX4 cert-manager ha a potential slowdown / DoS when parsing specially crafted PEM inputs

Impact cert-manager packages which call the standard library pem.Decode function can take a long time to process specially crafted invalid PEM data. If an attacker is able to modify PEM data which cert-manager reads e.g. in a Secret resource, they may be able to use large amounts of CPU in the...

OSV-2020-1768 Memcpy-param-overlap in zend_lex_tstring

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23547 Crash type: Memcpy-param-overlap Crash state: zendlextstring zendparse zendcompile...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=5200300586303488 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

libyal:libolecf_file_fuzzer: Use-of-uninitialized-value in libolecf_io_handle_read_directory_entries

Detailed Report: https://oss-fuzz.com/testcase?key=5080423911391232 Project: libyal Fuzzing Engine: libFuzzer Fuzz Target: libolecffilefuzzer Job Type: libfuzzermsanlibyal Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: libolecfiohandlereaddirectoryentries...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=4899130430980096 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

sqlite3:ossfuzz: Heap-buffer-overflow in whereLoopAddBtreeIndex

Detailed Report: https://oss-fuzz.com/testcase?key=6503337062301696 Project: sqlite3 Fuzzing Engine: honggfuzz Fuzz Target: ossfuzz Job Type: honggfuzzasansqlite3 Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address: 0x60f0000003b8 Crash State: whereLoopAddBtreeIndex...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=5706433432911872 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

ffmpeg:ffmpeg_AV_CODEC_ID_HYMT_fuzzer: Heap-buffer-overflow in add_left_pred_c

Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=5135996772679680 Project: ffmpeg Fuzzing Engine: honggfuzz Fuzz Target: ffmpegAVCODECIDHYMTfuzzer Job Type: honggfuzzasanffmpeg Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address:...

sqlite3:ossfuzz: Use-of-uninitialized-value in sqlite3Atoi64

Detailed Report: https://oss-fuzz.com/testcase?key=5676952943067136 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3Atoi64 computeNumericType numericType...

sqlite3:ossfuzz: Heap-use-after-free in sqlite3VdbeAddFunctionCall

Detailed Report: https://oss-fuzz.com/testcase?key=5707309678592000 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzerasani386sqlite3 Platform Id: linux Crash Type: Heap-use-after-free WRITE 4 Crash Address: 0xf4d37e80 Crash State: sqlite3VdbeAddFunctionCall...

sqlite3:ossfuzz: Heap-use-after-free in sqlite3GenerateConstraintChecks

Detailed Report: https://oss-fuzz.com/testcase?key=5092981682208768 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzerasansqlite3 Platform Id: linux Crash Type: Heap-use-after-free READ 2 Crash Address: 0x61d000002642 Crash State: sqlite3GenerateConstraintChecks...

sqlite3:ossfuzz: Heap-buffer-overflow in instrFunc

Detailed Report: https://oss-fuzz.com/testcase?key=5761066553835520 Project: sqlite3 Fuzzing Engine: libFuzzer Fuzz Target: ossfuzz Job Type: libfuzzerasansqlite3 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6020000007d8 Crash State: instrFunc sqlite3VdbeExec...

ffmpeg/ffmpeg_AV_CODEC_ID_LIBFDK_AAC_fuzzer: Index-out-of-bounds in prepareDrcGain

Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=5756080707076096 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDLIBFDKAACfuzzer Fuzz target binary: ffmpegAVCODECIDLIBFDKAACfuzzer Job Type: libfuzzerubsanffmpeg Platform Id: linux Crash Type:...

sqlite3/ossfuzz: Use-of-uninitialized-value in accessPayload

Detailed report: https://oss-fuzz.com/testcase?key=5638835947438080 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: accessPayload vdbeMemFromBtreeResiz...

sqlite3/ossfuzz: Use-of-uninitialized-value in sqlite3VdbeMemValidStrRep

Detailed report: https://oss-fuzz.com/testcase?key=5678870243573760 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3VdbeMemValidStrRep...

sqlite3/ossfuzz: Use-of-uninitialized-value in accessPayload

Detailed report: https://oss-fuzz.com/testcase?key=5707266847670272 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: accessPayload vdbeMemFromBtreeResiz...

sqlite3/ossfuzz: Use-of-uninitialized-value in accessPayload

Detailed report: https://oss-fuzz.com/testcase?key=5649176925306880 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: accessPayload vdbeMemFromBtreeResiz...

sqlite3/ossfuzz: Use-of-uninitialized-value in corruptSchema

Detailed report: https://oss-fuzz.com/testcase?key=5153397250981888 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: corruptSchema sqlite3InitCallback...

sqlite3/ossfuzz: Use-of-uninitialized-value in sqlite3ExprCollSeq

Detailed report: https://oss-fuzz.com/testcase?key=5684890744913920 Project: sqlite3 Fuzzer: libFuzzersqlite3ossfuzz Fuzz target binary: ossfuzz Job Type: libfuzzermsansqlite3 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: sqlite3ExprCollSeq...