Cody Winkler

**Name of the Vulnerable Software and Affected Versions** LinuxKI versions 6.0-1 and earlier **Description** The issue is related to the lack of input data sanitization in the LinuxKI operating system, which can be exploited by a remote attacker to perform cross-site scripting (XSS) attacks. **Recommendations** For LinuxKI versions 6.0-1 and earlier, update to release 6.0-2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** LinuxKI versions 6.0-1 and earlier **Description** The issue is related to insecure privilege management in the LinuxKI operating system. This allows a remote attacker to execute arbitrary code. The problem is resolved in release 6.0-2. **Recommendations** For LinuxKI versions 6.0-1 and earlier, update to release 6.0-2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gnome Fonts Viewer version 3.34.0 **Description** Gnome Fonts Viewer version 3.34.0 contains a heap corruption issue that allows attackers to trigger an out-of-bounds write by using a malicious TTF font file. An attacker can create a specially crafted TTF file with an oversized pattern, which can lead to an infinite `malloc()` loop and potentially crash the `gnome-font-viewer` process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.