Hannob

**Name of the Vulnerable Software and Affected Versions** badkeys versions 0.0.15 and below **Description** badkeys is a tool and library used for checking cryptographic public keys for known issues. In versions 0.0.15 and below, an attacker can inject content containing ASCII control characters, such as vertical tabs and ANSI escape sequences. This injection can lead to misleading output when using the badkeys command-line tool. This affects scanning DKIM keys (using both `--dkim` and `--dkim-dns` options), SSH keys (in `--ssh-lines` mode), and filenames in various modes. **Recommendations** Update to version 0.0.16 or later.

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 29.0.13, 30.0.7, and 31.0.1 Nextcloud Enterprise Server versions prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1 Description: The issue allows an attacker on a multi-user system to read temporary files from Nextcloud running with a different user account, or run a symlink attack. Recommendations: For Nextcloud Server versions prior to 29.0.13, update to version 29.0.13 or later. For Nextcloud Server versions prior to 30.0.7, update to version 30.0.7 or later. For Nextcloud Server versions prior to 31.0.1, update to version 31.0.1 or later. For Nextcloud Enterprise Server versions prior to 26.0.13.13, update to version 26.0.13.13 or later. For Nextcloud Enterprise Server versions prior to 27.1.11.13, update to version 27.1.11.13 or later. For Nextcloud Enterprise Server versions prior to 28.0.14.4, update to version 28.0.14.4 or later. For Nextcloud Enterprise Server versions prior to 29.0.13, update to version 29.0.13 or later. For Nextcloud Enterprise Server versions prior to 30.0.7, update to version 30.0.7 or later. For Nextcloud Enterprise Server versions prior to 31.0.1, update to version 31.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** freewvs versions prior to 0.1.1 **Description** A user could create a large file that freewvs will try to read, which will terminate a scan process. **Recommendations** For versions prior to 0.1.1, update to version 0.1.1 to resolve the issue. As a temporary workaround, consider limiting the size of files that freewvs can read to prevent the scan process from terminating.

Name of the Vulnerable Software and Affected Versions: QPDF versions prior to 7.0.0 Description: An issue was discovered in QPDF. There is a stack-based out-of-bounds read in the function `iterate rc4` in `QPDF encryption.cc`. Recommendations: For versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: QPDF versions prior to 7.0.0 Description: An issue was discovered in the QPDFWriter::enqueueObject() function, located in libqpdf/QPDFWriter.cc, which contains an infinite loop. Recommendations: For versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QPDF versions prior to 7.0.0 **Description** An issue in QPDF causes endless recursion, leading to stack exhaustion in the `QPDFTokenizer::resolveLiteral()` function, related to the `QPDF::resolve` function. **Recommendations** For versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: QPDF versions prior to 7.0.0 Description: An issue was discovered in QPDF due to looping xref tables in QPDF.cc, resulting in an infinite loop. Recommendations: For versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: QPDF versions prior to 7.0.0 Description: An issue was discovered in QPDF, where a large heap-based out-of-bounds read occurs in the Pl Buffer::write function. This is caused by an integer overflow in the PNG filter. Recommendations: For versions prior to 7.0.0, update to version 7.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** exfat-utils versions prior to 1.2.1 **Description** The issue is related to a heap-based buffer overflow in the `verify vbr checksum` function in `exfatfsck`, which can be exploited by remote attackers using a crafted filesystem. This can lead to a denial of service in the form of an infinite loop or potentially allow the execution of arbitrary code. **Recommendations** For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ytnef versions prior to 1.9.2 **Description** A potential heap-based buffer over-read issue has been discovered in the handling of incoming Compressed RTF Streams. This issue is related to the `DecompressRTF()` function in `libytnef`. **Recommendations** For versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the handling of Compressed RTF Streams until the update is applied.

**Name of the Vulnerable Software and Affected Versions** ytnef versions prior to 1.9.2 **Description** An issue has been discovered related to the handling of LONG data types, which can cause an invalid memory access, specifically a heap-based buffer over-read. This issue is associated with the MAPIPrint() function in libytnef. **Recommendations** For versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the MAPIPrint() function in libytnef until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ytnef versions prior to 1.9.2 **Description** An issue was discovered in the TNEFParse() function within libytnef, where there is a potential out-of-bounds access with fields of size 0. **Recommendations** For versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the TNEFParse() function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** JasPer versions prior to 1.900.8 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash, via a crafted file. This is due to a NULL pointer dereference in the `jpc dec tilefini` function. **Recommendations** For versions prior to 1.900.8, update to version 1.900.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** JasPer versions prior to 1.900.8 **Description** The issue allows remote attackers to cause a denial of service via a crafted file. This is due to a problem in the jpc dec tiledecode function in jpc dec.c. **Recommendations** For versions prior to 1.900.8, update to version 1.900.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** DBD::mysql versions prior to 4.033 01 Debian GNU/Linux (affected versions not specified) **Description** The issue is related to a use-after-free vulnerability in the `my login` function, which can be exploited by making a call to `mysql errno` after `my login` fails. This could allow a remote attacker to have an unspecified impact. **Recommendations** For DBD::mysql versions prior to 4.033 01, update to version 4.033 01 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the `my login` function until a patch is available. Restrict access to the `mysql errno` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GD Graphics Library (affected versions not specified) **Description** The issue concerns a denial of service (out-of-bounds read) that can be triggered by remote attackers through a crafted image. This is due to a problem in the output function within the gd gif out.c file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libarchive versions prior to 3.2.1 **Description** The issue is related to an integer overflow in the ISO parser, which can be triggered by a crafted ISO file. This can cause a denial of service, resulting in an application crash. **Recommendations** For versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** dosfstools versions prior to 4.0 **Description** The issue allows attackers to cause a denial of service (crash) via a crafted filesystem. This is achieved by triggering a heap-based buffer overflow in the `read fat` function or an out-of-bounds heap read in the `get fat` function. **Recommendations** For versions prior to 4.0, update to version 4.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `read boot` function in `boot.c` until a patch is available. Avoid using crafted filesystems that could trigger the heap-based buffer overflow in the `read fat` function or the out-of-bounds heap read in the `get fat` function.

**Name of the Vulnerable Software and Affected Versions** libarchive versions prior to 3.2.0 **Description** The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. This is due to a problem in the `process add entry` function in archive read support format mtree.c. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to crafted mtree files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libarchive versions prior to 3.2.0 **Description** The issue is related to an integer overflow in the archive read format tar skip function, which can be triggered by a crafted tar file. This can cause a denial of service, resulting in a crash. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue.