OSV-2020-1056 Use-of-uninitialized-value in xmlStrlen

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069 Crash type: Use-of-uninitialized-value Crash state: xmlStrlen xmlBufferAdd xmlBufferCat...

libxslt/xslt: Use-of-uninitialized-value in xmlStrlen

Project: https://gitlab.gnome.org/GNOME/libxslt.git Detailed report: https://oss-fuzz.com/testcase?key=5669481868689408 Project: libxslt Fuzzer: libFuzzerlibxsltxslt Fuzz target binary: xslt Job Type: libfuzzermsanlibxslt Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

libxslt/xslt: Use-of-uninitialized-value in xmlStrlen

Project: https://gitlab.gnome.org/GNOME/libxslt.git Detailed report: https://oss-fuzz.com/testcase?key=5197371471822848 Project: libxslt Fuzzer: libFuzzerlibxsltxslt Fuzz target binary: xslt Job Type: libfuzzermsanlibxslt Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

Heap-Based Buffer Overflow In Libxml2

nokogiri gem is using libxml2 which is vulnerable to CVE-2016-1834. The vulnerability exists when xmlStrlen returns a negative length in the xmlStrncat function. Therefore, it may lead to other attacks such as denial of service or arbitrary code execution through a heap-based buffer overflow usin...