Heaven2024

**Name of the Vulnerable Software and Affected Versions** CVC5 Solver version 1.1.3 **Description** The issue is related to improper input validation, which allows attackers to cause a Denial of Service (DoS) by providing a crafted SMT2 input file. **Recommendations** For version 1.1.3, update to a newer version that addresses the improper input validation issue to prevent Denial of Service attacks.

**Name of the Vulnerable Software and Affected Versions** CVC5 Solver version 1.1.3 **Description** A segmentation fault in the software allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the `set-logic` command with specific formatting errors. **Recommendations** For version 1.1.3, consider avoiding the use of the `set-logic` command with potentially malformed input until a fix is available. As a temporary workaround, restrict the input to validated SMT-LIB files to minimize the risk of exploitation.