Anticomputer

**Name of the Vulnerable Software and Affected Versions** cmark-gfm versions prior to 0.29.0.gfm.12 **Description** The issue concerns a polynomial time complexity problem in multiple components, including the autolink extension, handle close bracket, and parsing of certain text patterns, which may lead to unbounded resource exhaustion and subsequent denial of service. An out-of-bounds read in the `validate protocol` function was also identified. **Recommendations** For versions prior to 0.29.0.gfm.7, update to version 0.29.0.gfm.7 or later to resolve the issue. For versions prior to 0.29.0.gfm.10, update to version 0.29.0.gfm.10 or later to ensure all patches are applied. For versions prior to 0.29.0.gfm.12, update to version 0.29.0.gfm.12 to apply the latest security patches. As a temporary workaround, consider validating input from trusted sources if upgrading is not immediately possible.

**Name of the Vulnerable Software and Affected Versions** cmark-gfm versions prior to 0.29.0.gfm.6 **Description** A polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users can verify the patch by running `python3 -c 'print("![l"* 100000 + " ")' | ./cmark-gfm -e autolink`, which will resource exhaust on unpatched cmark-gfm but render correctly on patched cmark-gfm. **Recommendations** To resolve the issue, users are advised to upgrade to version 0.29.0.gfm.6 or later. Users unable to upgrade should disable the use of the autolink extension as a temporary workaround.

Name of the Vulnerable Software and Affected Versions: png-img versions prior to 3.1.0 Description: The issue is caused by an integer overflow in the PngImg::InitStorage () function, leading to under-allocation of heap memory. This results in a heap-based buffer overflow when a crafted PNG file is loaded. Recommendations: For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the PngImg::InitStorage () function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** nDPI versions 3.2 Stable and earlier **Description** The SSH protocol dissector in nDPI has multiple KEXINIT integer overflows, resulting in a controlled remote heap overflow in `concat hash string` in `ssh.c`. This issue can be exploited to achieve full Remote Code Execution against any network inspection stack linked against nDPI that uses it for network traffic analysis. **Recommendations** For nDPI versions 3.2 Stable and earlier, consider disabling the SSH protocol dissector as a temporary workaround until a patch is available. Restrict access to the `ssh.c` module to minimize the risk of exploitation. Avoid using the `concat hash string` function in the affected SSH protocol dissector until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** nDPI versions 3.2 Stable and earlier **Description** The issue allows a network-positioned attacker to exploit an out-of-bounds read in `concat hash string` in `ssh.c` by sending malformed SSH protocol messages on a network segment monitored by nDPI's library. **Recommendations** For nDPI versions 3.2 Stable and earlier, consider restricting access to the `ssh.c` module to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the `concat hash string` function in the affected `ssh.c` file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.