21 matches found
OSV-2025-467 Security exception in java.base/java.lang.StringUTF16.newBytesFor
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=424839378 Crash type: Security exception Crash state: java.base/java.lang.StringUTF16.newBytesFor java.base/java.lang.AbstractStringBuilder.inflate java.base/java.lang.AbstractStringBuilder.append...
PT-2024-40636 · Git +1 · Checker-Framework
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the org.checkerframework.checker.formatter.util.FormatUtil.formatParameterCategories function, as part...
PT-2024-40589 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving methods in java.base, specifically java.util.Arrays.copyOfRange, java.lang.StringUTF16.newString, and...
PT-2024-40582 · Git +1 · Maven-Model
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOfRange, java.base/java.lang.StringUTF16.newString, and...
PT-2024-40813 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash has been reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and related Java...
PT-2024-40777 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and...
PT-2024-40747 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception occurs in the ASCIIFoldingFilter class, specifically in the foldToASCII and incrementToken methods. This issue is related to a crash type of security exception...
PT-2024-40701 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java, affected versions not specified Description: A security exception crash has been reported. The crash occurs in the java.base/java.util.Arrays.copyOf and java.base/java.util.ArrayList.grow functions. Recommendations: At the momen...
PT-2023-35613 · Git +1 · Apache Commons Lang
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the jaz.Zer class with methods reportFinding, reportFindingIfEnabled, and readObject. No information i...
PT-2023-35583 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...
PT-2023-35580 · Unknown +1 · Com.Puppycrawl.Tools.Checkstyle +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash has been reported, involving the com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr and...
PT-2023-36052 · Git +1 · Apache Poi
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOf, java.base/java.lang.AbstractStringBuilder.ensureCapacityInterna...
PT-2023-35994 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported. The crash involves the org.apache.lucene.util.BytesRefBuilder constructor, and the clone methods of...
PT-2023-35988 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: A security exception crash has been reported. The crash involves the insertComments function in com.github.javaparser.CommentsInserter, and the equals method in java.base/java.util.Objec...
PT-2023-35926 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue is related to a security exception in the Java java.util.regex package, specifically in the Pattern$GroupTail.match function. The crash occurs when the BufferedWriter attempts to wri...
PT-2023-35896 · Unknown · Javaparser
Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the JavaParser library. A crash occurs due to a security exception, with the crash state involving the TreeVisitorValidator.accept and...
PT-2023-35834 · Apache · Apache Lucene
Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...
PT-2022-36794 · Git +1 · Hamcrest
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the com.code_intelligence.jazzer.sanitizers.RegexInjection class and its methods hookInternal and...
PT-2022-36709 · Oracle · Java.Base
Name of the Vulnerable Software and Affected Versions: java.base affected versions not specified Description: A security exception crash has been reported. The crash occurs in the jaz.Zer class during the initialization process, specifically in the java.lang.Class.forName0 and...
PT-2022-37289 · Git +1 · Xstream
Name of the Vulnerable Software and Affected Versions: No specific software or version information is provided in the input descriptions. Description: A security exception crash has been reported, involving the com.ctc.wstx.dtd.FullDTDReader.readContentSpec function, which is related to reading...