PT-2026-20319

Name of the Vulnerable Software and Affected Versions Apache Arrow C++ versions 15.0.0 through 23.0.0 Description A use-after-free issue exists in Apache Arrow C++ when reading an Arrow IPC file with pre-buffering enabled, if the file contains data with variadic buffers like Binary View and Strin...

OSV-2020-974 Heap-buffer-overflow in arrow::Status arrow::VisitArrayInline<arrow::internal::ValidateArrayDataVisitor>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20113 Crash type: Heap-buffer-overflow READ 4 Crash state: arrow::Status arrow::VisitArrayInline arrow::internal::ValidateArrayData arrow::RecordBatch::ValidateFull...

OSV-2020-936 Global-buffer-overflow in arrow::Status arrow::VisitArrayInline<arrow::internal::ValidateArrayDataVisitor>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20181 Crash type: Global-buffer-overflow READ 1 Crash state: arrow::Status arrow::VisitArrayInline arrow::internal::ValidateArrayData arrow::RecordBatch::ValidateFull...

OSV-2020-917 Heap-buffer-overflow in arrow::Status arrow::VisitArrayInline<arrow::internal::ValidateArrayVisitor>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21039 Crash type: Heap-buffer-overflow READ 4 Crash state: arrow::Status arrow::VisitArrayInline arrow::internal::ValidateArray arrow::RecordBatch::Validate...