Dhiraj

**Name of the Vulnerable Software and Affected Versions** GIMP (affected versions not specified) **Description** A flaw exists in GIMP related to integer overflow when processing ICO image files. The issue is present in the `ico read info` and `ico read icon` functions, where a size calculation for image buffers can result in a 32-bit integer overflow. This allows oversized image headers to bypass security checks. An attacker could provide a crafted ICO file, potentially leading to a buffer overflow and memory corruption, resulting in a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Telegram versions prior to 7.4 (212543) Stable on macOS Description: The issue concerns the storage of the local passcode in cleartext, leading to information disclosure. Recommendations: For versions prior to 7.4 (212543) Stable on macOS, update to version 7.4 (212543) Stable or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Telegram versions prior to 7.4 (212543) Stable on macOS Description: The issue concerns the storage of self-destructed messages in a sandbox path on macOS, leading to sensitive information disclosure. Recommendations: For versions prior to 7.4 (212543) Stable on macOS, update to version 7.4 (212543) Stable or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Xpdf version 4.02 **Description** The issue arises from a NULL pointer dereference in Catalog.cc due to the late initialization of Catalog.pageLabels in the Catalog constructor. **Recommendations** For Xpdf version 4.02, ensure that the Catalog.pageLabels is properly initialized before use to prevent the NULL pointer dereference. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Evernote version 7.9 Description: The issue allows attackers to execute arbitrary programs by embedding a reference to a local executable file, such as the /Applications/Calculator.app/Contents/MacOS/Calculator file. Recommendations: For Evernote version 7.9, consider disabling the execution of local files as a temporary workaround until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GNU C Library (aka glibc or libc6) versions prior to 2.30 **Description** The issue is related to Uncontrolled Recursion in the `check dst limits calc pos 1` function in `posix/regexec.c`. This can be demonstrated by using a crafted pattern '(|)(11)*' in grep. The software maintainer disputes that this is a vulnerability, stating that the behavior occurs only with a crafted pattern. **Recommendations** For GNU C Library (aka glibc or libc6) versions prior to 2.30, consider updating to a newer version to mitigate the risk of Uncontrolled Recursion. As a temporary workaround, consider restricting the use of crafted patterns in grep until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK+ versions prior to 2.22.7 WebKitGTK versions prior to 2.23.91 **Description** The issue is caused by a buffer overflow in the UIProcess subsystem of WebKitGTK+, allowing a remote attacker to potentially cause a denial of service or impact the confidentiality and integrity of protected information. The problem is related to the script dialog size exceeding the web view size. This issue affects products such as GNOME Web (also known as Epiphany). **Recommendations** For WebKitGTK+ versions prior to 2.22.7, update to version 2.22.7 or later to resolve the issue. For WebKitGTK versions prior to 2.23.91, update to version 2.23.91 or later to resolve the issue. As a temporary workaround, consider restricting access to the `UIProcess/API/gtk/WebKitScriptDialogGtk.cpp`, `UIProcess/API/gtk/WebKitScriptDialogImpl.cpp`, and `UIProcess/API/gtk/WebKitWebViewGtk.cpp` modules until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Telegram Desktop (aka tdesktop) version 1.3.14 Telegram version 3.3.0.0 WP8.1 on Windows **Description** The issue allows the leakage of end-user public and private IP addresses during a call due to an unsafe default behavior. This behavior involves accepting P2P connections from clients outside of the My Contacts list. The leakage occurs when a Telegram call is made and both parties use the peer-to-peer option. **Recommendations** For Telegram Desktop version 1.3.14, consider disabling the peer-to-peer call feature until a patch is available. For Telegram version 3.3.0.0 WP8.1 on Windows, restrict the acceptance of P2P connections to only trusted contacts to minimize the risk of IP address leakage.

**Name of the Vulnerable Software and Affected Versions** WebKitGTK and WPE WebKit versions prior to 2.24.1 **Description** The issue is related to insufficient input validation in WebKitGTK and WPE WebKit, allowing an attacker to conduct spoofing attacks. This can cause malicious web content to be displayed as if it were from a trusted URI, potentially deceiving users. The attack can be initiated remotely and involves certain JavaScript redirections. **Recommendations** For WebKitGTK and WPE WebKit versions prior to 2.24.1, update to version 2.24.1 or later to resolve the issue. As a temporary workaround, consider restricting JavaScript redirections in the browser settings until the update is applied.

**Name of the Vulnerable Software and Affected Versions** GNOME Web (aka Epiphany) versions 3.28.2.1 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved through JavaScript code that triggers access to a NULL URL. An example of such an exploit is a crafted `window.open` call. **Recommendations** For GNOME Web (aka Epiphany) versions 3.28.2.1 and earlier, consider disabling JavaScript execution until a patch is available to prevent potential crashes caused by malicious JavaScript code.