Giantbranch

**Name of the Vulnerable Software and Affected Versions** radare2 versions 2.5.4.2 through 5.4.0 **Description** A heap buffer overflow issue exists in the `r read le32` function. **Recommendations** For versions 2.5.4.2 through 5.4.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions 5.4.0 through 5.4.2 **Description** A heap buffer overflow issue exists in the vax opfunction of radare2. **Recommendations** For versions 5.4.0 through 5.4.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions 5.4.0 through 5.4.2 **Description** The issue is related to a use after free in the `r reg set value` function. **Recommendations** For versions 5.4.0 and 5.4.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions 5.4.0 through 5.4.2 **Description** A heap buffer overflow issue exists in the `r sleb128` function. **Recommendations** For versions 5.4.0 through 5.4.2, consider disabling the `r sleb128` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** radare2 versions 5.4.0 through 5.4.2 **Description** The issue is related to a use after free in the `r reg get name idx` function. **Recommendations** For versions 5.4.0 and 5.4.2, update to a version that fixes the use after free issue in the `r reg get name idx` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions 5.4.0 through 5.4.2 **Description** A null pointer deference issue exists in the ` core anal fcn` function. **Recommendations** For versions 5.4.0 and 5.4.2, consider disabling the ` core anal fcn` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Exiv2 versions v0.27.4 and earlier **Description** A null pointer dereference was found in Exiv2, which can be triggered when printing the metadata of a crafted image file. This can potentially be exploited by an attacker to cause a denial of service if they can trick the victim into running Exiv2 on a crafted image file. The bug is only triggered when printing the interpreted (translated) data, which requires an extra command line option (`-p t` or `-P t`). **Recommendations** For Exiv2 versions v0.27.4 and earlier, update to version v0.27.5 to resolve the issue. As a temporary workaround, consider avoiding the use of the `-p t` or `-P t` command line options to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** jhead versions 3.04 through 3.05 **Description** A Denial of Service issue exists due to a wild address read in the `Get16u` function in `exif.c`, which can cause a segmentation fault via a crafted file. **Recommendations** For jhead version 3.04, update to a version that fixes the issue in the `Get16u` function. For jhead version 3.05, update to a version that fixes the issue in the `Get16u` function. As a temporary workaround, consider restricting access to the `exif.c` file or the `Get16u` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jhead versions 3.04 through 3.05 **Description** A Heap-based Buffer Overflow issue exists, allowing for a Buffer Overflow via the `RemoveUnknownSections` function in `jpgfile.c`. **Recommendations** For jhead versions 3.04 and 3.05, consider disabling the `RemoveUnknownSections` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jhead versions 3.04 through 3.05 **Description** A Heap-based Buffer Overflow issue exists via the `RemoveSectionType` function in `jpgfile.c`. **Recommendations** For versions 3.04 and 3.05, consider disabling the `RemoveSectionType` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** An invalid memory address reference was discovered in the `elf lookup` function in `p lx elf.cpp` via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A heap-based buffer over-read was discovered in the `invert pt dynamic` function in `p lx elf.cpp` via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, as a temporary workaround, consider disabling the `invert pt dynamic` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A heap-based buffer over-read was discovered in the `get le64` function in `bele.h` via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A heap-based buffer over-read was discovered in the get le32 function in bele.h via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A heap-based buffer over-read issue was discovered in the `acc ua get be32` function, located in the miniacc.h file, which can be exploited via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A memory-related issue was found in the adjABS function within the p lx elf.cpp file of UPX, which can be triggered by a specially crafted Mach-O file. **Recommendations** For UPX version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A floating point exception was discovered in the `elf lookup` function in `p lx elf.cpp` via a crafted Mach-O file. **Recommendations** For UPX version 4.0.0, consider updating to a newer version that contains a fix for this issue, as the current version is affected by the floating point exception in the `elf lookup` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** upx version 4.0.0 **Description** A heap buffer overflow read was discovered in the upx software, specifically due to an imperfect check in the `p lx elf.cpp` component. This issue can be exploited by a remote attacker to gain access to confidential data and potentially cause a denial of service. **Recommendations** For upx version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `p lx elf.cpp` component to minimize the risk of exploitation.