Cool-Tomato

**Name of the Vulnerable Software and Affected Versions** LibOFX version 0.9.14 **Description** An issue was discovered in LibOFX. There is a NULL pointer dereference in the function `OFXApplication::startElement` in the file `lib/ofx sgml.cpp`, as demonstrated by `ofxdump`. **Recommendations** For LibOFX version 0.9.14, consider avoiding the use of the `OFXApplication::startElement` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where a stack-based buffer over-read occurs in the `InflateDimensions()` function in `inflate.c` when called from `ReadNextCell` in `mat5.c`. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where there is an out-of-bounds read that results in a SEGV in the `Mat VarReadNextInfo5()` function. **Recommendations** For matio version 1.5.13, consider avoiding the use of the `Mat VarReadNextInfo5()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, specifically a stack-based buffer over-read in the `Mat VarReadNextInfo5()` function in mat5.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where there is a NULL pointer dereference in the `Mat VarFree()` function in mat.c. **Recommendations** For matio version 1.5.13, consider avoiding the use of the `Mat VarFree()` function until a patch is available. As a temporary workaround, restrict access to the mat.c module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, specifically in the libmatio.a component. The problem is an out-of-bounds write that causes a segmentation fault (SEGV) in the `Mat VarFree()` function, located in mat.c. **Recommendations** For matio version 1.5.13, consider restricting access to the `Mat VarFree()` function until a patch is available. As a temporary workaround, avoid using the `Mat VarFree()` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio version 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where a stack-based buffer over-read occurs for the "Rank and Dimension" feature in the function ReadNextCell() in mat5.c. **Recommendations** For matio version 1.5.13, consider restricting access to the ReadNextCell() function in mat5.c until a patch is available.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where a stack-based buffer over-read occurs for a memcpy in the `ReadNextCell()` function in mat5.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, where a stack-based buffer over-read occurs in the `ReadNextStructField()` function in mat5.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** A heap-based buffer overflow issue was found in the `ReadNextFunctionHandle()` function in mat5.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** A buffer over-read issue was discovered in the `Mat VarPrint()` function in mat.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** An issue was discovered in the MAT File I/O Library, specifically in the libmatio.a component. The problem is an out-of-bounds read that results in a segmentation fault (SEGV) in the `ReadNextCell()` function, located in the mat5.c file. **Recommendations** For matio version 1.5.13, as a temporary workaround, consider disabling the `ReadNextCell()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** A heap-based buffer overflow issue exists in the InflateVarName() function, located in inflate.c, which is called from ReadNextCell in mat5.c. This issue can be exploited when processing certain input. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** matio versions 1.5.13 **Description** A heap-based buffer overflow issue exists in the function ReadNextCell() in mat5.c. **Recommendations** For matio version 1.5.13, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** cairo version 1.16.0 **Description** An issue was discovered in the function ` cairo arc in direction` in the file `cairo-arc.c`, which is related to an assertion problem. **Recommendations** For cairo version 1.16.0, consider restricting access to the ` cairo arc in direction` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.8.2 **Description** The issue is related to an infinite loop in the `sixel decode raw impl()` function, located in the fromsixel.c file. This has been demonstrated using sixel2png. **Recommendations** For libsixel version 1.8.2, consider avoiding the use of the `sixel decode raw impl()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.8.2 **Description** The issue is related to a heap-based buffer over-read in the `load jpeg()` function, located in the `loader.c` file. This can be demonstrated by using `img2sixel`. **Recommendations** For libsixel version 1.8.2, consider avoiding the use of the `load jpeg()` function until a patch is available. As a temporary workaround, restrict the use of `img2sixel` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libming version 0.4.8 **Description** An issue was discovered in the `writePNG` function within the `dbl2png` command-line program, specifically in the file `util/dbl2png.c`. This issue involves a heap-based buffer over-read. Due to an erroneous call to `png write row` in `libpng`, there is a potential for an out-of-bounds write to occur under certain memory layouts. **Recommendations** For libming version 0.4.8, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libjpeg-turbo version 2.0.1 **Description** The issue is a heap-based buffer over-read in the `put pixel rows` function, located in the wrbmp.c file. This has been demonstrated using the djpeg tool. **Recommendations** For libjpeg-turbo version 2.0.1, consider updating to a newer version that contains a fix for this issue, as using the affected `put pixel rows` function may pose a risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Exiv2 version 0.27-RC1 **Description** The issue is related to an infinite loop in the Exiv2::Image::printIFDStructure function, which can be triggered by a crafted input. This can lead to a remote denial of service attack. **Recommendations** For Exiv2 version 0.27-RC1, consider disabling the Exiv2::Image::printIFDStructure function until a patch is available to prevent potential denial of service attacks.