Zjuchenyuan

**Nome do Software Vulnerável e Versões Afetadas** Versões do Gogs anteriores à 0.14.2 **Descrição** O Gogs, um serviço Git autohospedado, apresenta uma falha na qual objetos do Armazenamento de Arquivos Grandes (LFS) podem ser sobrescritos maliciosamente em diferentes repositórios. Isso ocorre devido à falta de isolamento na forma como os objetos LFS são armazenados, já que os IDs dos repositórios não são concatenados ao caminho de armazenamento. Além disso, o Gogs não verifica o hash SHA-256 dos arquivos LFS carregados, permitindo que atacantes injetem conteúdo malicioso. Um atacante pode explorar isso ao carregar um objeto LFS manipulado em seu repositório, o que sobrescreve o objeto LFS no repositório de outro usuário. Isso pode levar a um ataque na cadeia de suprimentos, já que os usuários que baixam objetos LFS da página da web não recebem nenhum aviso sobre o conteúdo alterado. O endpoint da API '/api/v1/repos/{owner}/{repo}/lfs/objects' está envolvido no processo de upload, e a variável `oid` identifica o objeto LFS. A função `upload` é utilizada para gerenciar o processo de upload. **Recomendações** As versões anteriores à 0.14.2 devem ser atualizadas para a versão 0.14.2 ou posterior para resolver este problema.

**Name of the Vulnerable Software and Affected Versions** ncurses versions prior to 6.1-20191012 **Description** The issue is related to a heap-based buffer over-read in the `fmt entry` function in `tinfo/comp hash.c` of the terminfo library. This could allow a remote attacker to disclose protected information and cause a denial of service. **Recommendations** For versions prior to 6.1-20191012, update to version 6.1-20191012 or later to resolve the issue. As a temporary workaround, consider restricting access to the `fmt entry` function in `tinfo/comp hash.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.32 **Description** The issue is related to the `find abstract instance` function in the `dwarf2.c` component of the BFD library, which is part of GNU Binutils. It allows remote attackers to cause a denial of service by triggering infinite recursion and application crash via a crafted ELF file. This is due to uncontrolled recursion in the `find abstract instance` function. **Recommendations** For GNU Binutils version 2.32, consider avoiding the use of the `find abstract instance` function in the `dwarf2.c` component until a patch is available. As a temporary workaround, restrict the processing of crafted ELF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.32 **Description** The issue is related to an integer overflow in the Binary File Descriptor (BFD) library, specifically in the ` bfd dwarf2 find nearest line` function in `dwarf2.c`. This can lead to a segmentation fault (SEGV). The vulnerability is also described as affecting the ` bfd dwarf2 slurp debug info` function and is related to an integer overflow, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For GNU Binutils version 2.32, consider updating to a newer version that addresses the integer overflow issue in the BFD library. As a temporary workaround, consider restricting access to the `dwarf2.c` component or the ` bfd dwarf2 find nearest line` and ` bfd dwarf2 slurp debug info` functions to minimize the risk of exploitation.