Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
OSV-2022-943
  • OSS-Fuzz/perfetto
UNKNOWN WRITE in perfetto::trace_processor::TrackEventParser::ParseTrackDescriptor
  • android-13.0.0_r1
  • android-13.0.0_r2
  • android-13.0.0_r3
  • android-13.0.0_r4
  • android-13.0.0_r5
  • android-13.0.0_r6
  • android-cts-13.0_r1
  • ...
2022-10-05T00:20:09.071203Z Fix available
OSV-2022-331
  • OSS-Fuzz/perfetto
Stack-buffer-overflow in void unwindstack::Symbols::BuildRemapTable<Elf64_Sym>
  • android-11.0.0_r30
  • android-11.0.0_r32
  • android-11.0.0_r33
  • android-11.0.0_r34
  • android-11.0.0_r35
  • android-11.0.0_r36
  • android-11.0.0_r37
  • ...
2022-10-05T00:19:08.078727Z No fix available
OSV-2022-1009
  • OSS-Fuzz/haproxy
Heap-buffer-overflow in parse_line
  • See details.
2022-10-04T00:26:49.172226Z Fix available
OSV-2021-1241
  • OSS-Fuzz/wabt
Heap-buffer-overflow in wabt::string_view::compare
  • 1.0.25
  • test_tag
  • 1.0.26
  • 1.0.27
  • 1.0.28
  • 1.0.29
  • 1.0.30
2022-10-04T00:20:52.692267Z No fix available
OSV-2020-2303
  • OSS-Fuzz/poppler
Use-of-uninitialized-value in Splash::pipeRunSimpleXBGR8
  • poppler-20.12.0
  • poppler-20.12.1
  • poppler-21.01.0
  • poppler-21.02.0
  • poppler-21.03.0
  • poppler-21.04.0
  • poppler-21.05.0
  • ...
2022-10-04T00:20:15.685161Z No fix available
OSV-2022-1013
  • OSS-Fuzz/mapserver
Heap-buffer-overflow in msyylex
  • See details.
2022-10-04T00:00:17.452178Z Fix available
OSV-2021-586
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in void intra_prediction_angular<unsigned short>
  • v5.80.0
  • v5.80.0-rc1
  • v5.81.0
  • v5.81.0-rc1
  • v5.81.0-rc2
  • v5.82.0-rc1
  • v5.83.0
  • ...
2022-10-02T00:42:20.231237Z No fix available
OSV-2021-525
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char>
  • v5.80.0
  • v5.80.0-rc1
  • v5.81.0
  • v5.81.0-rc1
  • v5.81.0-rc2
  • v5.82.0
  • v5.82.0-rc1
  • ...
2022-10-02T00:42:16.902255Z No fix available
OSV-2021-972
  • OSS-Fuzz/kimageformats
UNKNOWN READ in void mc_chroma<unsigned short>
  • v5.80.0
  • v5.80.0-rc1
  • v5.81.0
  • v5.81.0-rc1
  • v5.81.0-rc2
  • v5.82.0-rc1
  • v5.83.0
  • ...
2022-10-02T00:34:19.184971Z No fix available
OSV-2021-948
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in residual_coding
  • v5.80.0
  • v5.80.0-rc1
  • v5.81.0
  • v5.81.0-rc1
  • v5.81.0-rc2
  • v5.82.0-rc1
  • v5.83.0
  • ...
2022-10-02T00:34:17.546147Z No fix available
OSV-2021-735
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in decode_CABAC_FL_bypass
  • v5.80.0
  • v5.80.0-rc1
  • v5.81.0
  • v5.81.0-rc1
  • v5.81.0-rc2
  • v5.82.0-rc1
  • v5.83.0
  • ...
2022-10-02T00:33:51.288457Z No fix available
OSV-2020-876
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in XCFImageFormat::mergeRGBToRGB
  • v5.70.0
  • v5.70.0-rc1
  • v5.71.0
  • v5.71.0-rc1
  • v5.71.0-rc2
  • v5.72.0
  • v5.72.0-rc1
  • ...
2022-10-02T00:32:48.310009Z No fix available
OSV-2020-868
  • OSS-Fuzz/kimageformats
Use-of-uninitialized-value in fetchARGB32ToRGBA64PM_avx2
  • v5.70.0
  • v5.70.0-rc1
  • v5.71.0
  • v5.71.0-rc1
  • v5.71.0-rc2
  • v5.72.0
  • v5.72.0-rc1
  • ...
2022-10-02T00:32:07.149786Z No fix available
OSV-2022-37
  • OSS-Fuzz/tdengine
Heap-buffer-overflow in stringProcess
  • ver-2.5.0.0
  • ver-2.5.0.1
  • ver-2.6.0.0
  • ver-2.6.0.1
  • ver-2.6.0.3-kh
  • ver-2.6.0.4
  • ver-2.6.0.6
  • ...
2022-10-01T07:44:29.010029Z No fix available
OSV-2022-51
  • OSS-Fuzz/c-blosc2
Negative-size-param in ndlz4_decompress
  • v2.0.0
  • v2.0.1
  • v2.0.2
  • v2.0.3
  • v2.0.4
  • v2.1.0
  • v2.1.1
  • ...
2022-10-01T07:37:36.437512Z No fix available
OSV-2022-486
  • OSS-Fuzz/c-blosc2
Heap-buffer-overflow in frame_get_vlmetalayers
  • v2.0.0
  • v2.0.0-rc2
  • v2.0.0.rc1
  • v2.0.1
  • v2.0.2
  • v2.0.3
  • v2.0.4
  • ...
2022-10-01T07:37:34.291384Z No fix available