hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.
{ "vanir_signatures": [ { "deprecated": false, "signature_type": "Function", "source": "https://github.com/hoene/libmysofa/commit/e07edb39e9ecc796127cd748ada4a4bac88cb5d2", "signature_version": "v1", "target": { "file": "src/hdf/fractalhead.c", "function": "directblockRead" }, "digest": { "function_hash": "328880872378914765005939255405185543561", "length": 4260.0 }, "id": "CVE-2019-20063-404f19df" }, { "deprecated": false, "signature_type": "Line", "source": "https://github.com/hoene/libmysofa/commit/e07edb39e9ecc796127cd748ada4a4bac88cb5d2", "signature_version": "v1", "target": { "file": "src/hdf/fractalhead.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "327450119867057413196112788322635289809", "9142477717232231720464254396353794803", "306551394601581249222330059303544984997", "212725765374736972277751008736718580393", "147841328434198515238758014161611012765", "78431079500622347637056678094094913883", "324854849121731529451832255446721945828", "174166082281745376657080985686173605776", "71892231947832118433842673422764894367", "66772769027897273435728406033142410531", "229786284638814089070613681383340953847", "89022206491473755382512861302976300312", "214661617457306383570695756895132914755", "50268361982437051317672594679221604193", "37314421827654367695053394627950461639" ] }, "id": "CVE-2019-20063-b5de98d4" } ] }