Catenacyber

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 10.11.0 through 10.11.8 **Description** Mattermost versions 10.11.x up to and including 10.11.8 do not properly validate the size of input before processing hashtags. This allows an authenticated attacker to consume excessive CPU resources by sending a single HTTP request containing a post with a large number of space-separated tokens. The issue involves insufficient input validation when handling hashtags, potentially leading to a denial-of-service condition. **Recommendations** Update to a version later than 10.11.8.

**Name of the Vulnerable Software and Affected Versions** Suricata versions 8.0.0 through 8.0.2 **Description** Suricata is a network IDS, IPS and NSM engine. An inefficiency in http1 headers parsing, present in versions starting from 8.0.0 and prior to 8.0.3, can cause performance slowdown when processing multiple packets. Version 8.0.3 resolves this issue. **Recommendations** Update to Suricata version 8.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** Suricata versions prior to 8.0.3 Suricata versions prior to 7.0.14 **Description** Suricata is a network IDS, IPS and NSM engine. A stack buffer overflow can occur while saving a dataset due to the use of a stack buffer to prepare the data. If the data in the dataset is too large, this can lead to a stack overflow. Exploitation of this issue may allow a remote attacker to cause a denial of service or potentially achieve code execution. **Recommendations** Update Suricata to version 8.0.3 or later. Update Suricata to version 7.0.14 or later. As a workaround, do not use rules with datasets `save` nor `state` options.

**Name of the Vulnerable Software and Affected Versions** Cloudflare quiche versions 0.15.0 through 0.24.5 **Description** Cloudflare quiche is susceptible to an infinite loop when processing packets containing `RETIRE CONNECTION ID` frames. QUIC connections utilize connection identifiers (IDs) with sequence numbers to maintain synchronization between peers. An unauthenticated remote attacker can trigger this issue by sending specially crafted frames after completing a handshake, causing the victim to enter an infinite loop when attempting to send packets with `RETIRE CONNECTION ID` frames. This occurs due to a design feature supporting retirement across paths while maintaining connection ID synchronization. **Recommendations** Cloudflare quiche versions prior to 0.24.5 are affected. Upgrade to version 0.24.5 or later to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** SoftEtherVPN versions 5.02.5184 through 5.02.5187 **Description** The issue is related to a NULL dereference in the `DeleteIPv6DefaultRouterInRA` function called by `StorePacket`. This occurs because `DeleteIPv6DefaultRouterInRA` does not account for `ParsePacket` returning NULL, resulting in the program crashing. **Recommendations** For versions 5.02.5184 through 5.02.5187, as a temporary workaround, consider disabling the `DeleteIPv6DefaultRouterInRA` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Suricata versions (affected versions not specified) **Description** The issue is related to an infinite loop that can occur with negated pcre and an indefinite recursion limit setting. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zabbix Agent 2 (affected versions not specified) **Description** The issue is related to the Zabbix Agent 2 item key `smart.disk.get` not sanitizing its parameters before passing them to a shell command, which could lead to remote code execution. This vulnerability may allow a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DNS server (affected versions not specified) **Description** The issue is caused by an improper check for RDLENGTH overflow in the buffer in response from the DNS server. This can lead to a buffer overflow. The vulnerability is related to insufficient checking of exceptional states in the DNS Response Handler component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Zabbix (affected versions not specified) **Description** The issue is related to errors in processing input data in the icmpping function of the Zabbix monitoring system. This can allow a remote attacker to execute arbitrary code. An attacker with privileges to configure Zabbix items can use the icmpping() function with an additional malicious command to achieve this. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mattermost versions 7.1.x and earlier **Description** The issue arises when a specifically crafted GIF file is uploaded while drafting a post, allowing authenticated users to cause resource exhaustion during file processing. This results in a server-side Denial of Service. **Recommendations** For Mattermost versions 7.1.x and earlier, update to a version that includes a fix for this issue to prevent resource exhaustion and Denial of Service attacks. As a temporary workaround, consider restricting the upload of GIF files while drafting posts until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Go versions prior to 1.17.13 Go versions prior to 1.18.5 **Description** Decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service. A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go. **Recommendations** For Go versions prior to 1.17.13, update to version 1.17.13 or later to resolve the issue. For Go versions prior to 1.18.5, update to version 1.18.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of `Float.GobDecode` and `Rat.GobDecode` functions until a patch is available.