readstat/fuzz_format_dta: Stack-buffer-overflow in readstat_convert

Project: https://github.com/WizardMac/ReadStat.git Detailed report: https://oss-fuzz.com/testcase?key=5730197242904576 Project: readstat Fuzzer: aflreadstatfuzzformatdta Fuzz target binary: fuzzformatdta Job Type: aflasanreadstat Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash...

readstat/fuzz_format_sav: Heap-buffer-overflow in rt_read_handler

Project: https://github.com/WizardMac/ReadStat.git Detailed report: https://oss-fuzz.com/testcase?key=5656109291929600 Project: readstat Fuzzer: aflreadstatfuzzformatsav Fuzz target binary: fuzzformatsav Job Type: aflasanreadstat Platform Id: linux Crash Type: Heap-buffer-overflow WRITE Crash...

readstat/fuzz_format_por: Index-out-of-bounds in read_missing_value_record

Project: https://github.com/WizardMac/ReadStat.git Detailed report: https://oss-fuzz.com/testcase?key=5652147318816768 Project: readstat Fuzzer: libFuzzerreadstatfuzzformatpor Fuzz target binary: fuzzformatpor Job Type: libfuzzerubsanreadstat Platform Id: linux Crash Type: Index-out-of-bounds Cra...

openthread/ip6-send-fuzzer: Index-out-of-bounds in ot::Coap::Message::ParseHeader

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5162663452082176 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Crash Type:...

Updated python-django packages fix security vulnerability

An upstream patch has been backported to fix a security vulnerability in python-django. CVE-2019-3498: Content spoofing possibility in the default 404 page An attacker could craft a malicious URL that could make spoofed content appear on the default page generated by the...

imagemagick/encoder_ept3_fuzzer: Use-of-uninitialized-value in WriteBlob

Detailed report: https://oss-fuzz.com/testcase?key=5085775568306176 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderept3fuzzer Fuzz target binary: encoderept3fuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

libidn2/libidn2_to_ascii_8z_fuzzer: Heap-buffer-overflow in idn2_to_ascii_4i

Project: https://gitlab.com/libidn/libidn2.git Detailed report: https://oss-fuzz.com/testcase?key=5644466457673728 Project: libidn2 Fuzzer: libFuzzerlibidn2toascii8zfuzzer Fuzz target binary: libidn2toascii8zfuzzer Job Type: libfuzzerasanlibidn2 Platform Id: linux Crash Type: Heap-buffer-overflow...

libxml2/libxml2_xml_reader_for_file_fuzzer: Heap-double-free in xmlFreeID

Project: https://gitlab.gnome.org/GNOME/libxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5633679915745280 Project: libxml2 Fuzzer: afllibxml2xmlreaderforfilefuzzer Fuzz target binary: libxml2xmlreaderforfilefuzzer Job Type: aflasanlibxml2 Platform Id: linux Crash Type:...

tidy-html5/tidy_fuzzer: Use-of-uninitialized-value in PPrintText

Project: https://github.com/htacg/tidy-html5.git Detailed report: https://oss-fuzz.com/testcase?key=5705060225384448 Project: tidy-html5 Fuzzer: libFuzzertidy-html5tidyfuzzer Fuzz target binary: tidyfuzzer Job Type: libfuzzermsantidy-html5 Platform Id: linux Crash Type: Use-of-uninitialized-value...

poppler/pdf_fuzzer: Use-of-uninitialized-value in JBIG2Stream::readTextRegionSeg

Project: https://anongit.freedesktop.org/git/poppler/poppler.git Detailed report: https://oss-fuzz.com/testcase?key=5747049128001536 Project: poppler Fuzzer: libFuzzerpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanpoppler Platform Id: linux Crash Type: Use-of-uninitialized-value...

harfbuzz/hb-subset-fuzzer: Heap-double-free in hb_vector_t<CFF::op_str_t, 8u>::fini

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5695865298092032 Project: harfbuzz Fuzzer: libFuzzerhb-subset-fuzzer Fuzz target binary: hb-subset-fuzzer Job Type: libfuzzerasanharfbuzz Platform Id: linux Crash Type: Heap-double-free Crash...

clamav/clamav_scanmap_OLE2_fuzzer: Heap-buffer-overflow in uniq_add

Detailed report: https://oss-fuzz.com/testcase?key=5744082379341824 Project: clamav Fuzzer: aflclamavscanmapOLE2fuzzer Fuzz target binary: clamavscanmapOLE2fuzzer Job Type: aflasanclamav Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Address: 0x60c000000e48 Crash State: uniqadd...

h2o/h2o-fuzzer-http2: Heap-buffer-overflow in emit_writereq_of_openref

Project: https://github.com/h2o/h2o.git Detailed report: https://oss-fuzz.com/testcase?key=5130696692072448 Project: h2o Fuzzer: aflh2o-fuzzer-http2 Fuzz target binary: h2o-fuzzer-http2 Job Type: aflasanh2o Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address: 0x60b0000001c8...

graphicsmagick/coder_PICT_fuzzer: Heap-buffer-overflow in ExpandBuffer

Project: http://hg.code.sf.net/p/graphicsmagick/code Detailed report: https://oss-fuzz.com/testcase?key=5748073695805440 Project: graphicsmagick Fuzzer: aflcoderPICTfuzzer Fuzz target binary: coderPICTfuzzer Job Type: aflasangraphicsmagick Platform Id: linux Crash Type: Heap-buffer-overflow READ ...

imagemagick/ping_mvg_fuzzer: Use-of-uninitialized-value in StringInfoToHexString

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5717227240685568 Project: imagemagick Fuzzer: libFuzzerimagemagickpingmvgfuzzer Fuzz target binary: pingmvgfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

harfbuzz/hb-shape-fuzzer: Stack-buffer-overflow in hb_array_t<char const>::cmp

Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=5642666339991552 Project: harfbuzz Fuzzer: libFuzzerharfbuzzhb-shape-fuzzer Fuzz target binary: hb-shape-fuzzer Job Type: libfuzzerasanharfbuzz Platform Id: linux Crash Type: Stack-buffer-overflow...

openvswitch/ofctl_parse_target: Heap-buffer-overflow in learn_check

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5640179956580352 Project: openvswitch Fuzzer: libFuzzeropenvswitchofctlparsetarget Fuzz target binary: ofctlparsetarget Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

skia/image_filter_deserialize: Heap-buffer-overflow in Convexicator::BySign

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5700664101961728 Project: skia Fuzzer: libFuzzerskiaimagefilterdeserialize Fuzz target binary: imagefilterdeserialize Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow...

imagemagick/ping_mvg_fuzzer: Heap-buffer-overflow in CopyMagickString

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5763296301416448 Project: imagemagick Fuzzer: aflimagemagickpingmvgfuzzer Fuzz target binary: pingmvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow...

skia/android_codec: Use-of-uninitialized-value in sse2::blit_row_s32a_opaque

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5690776718147584 Project: skia Fuzzer: libFuzzerskiaandroidcodec Fuzz target binary: androidcodec Job Type: libfuzzermsanskia Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...