Madao123123

**Name of the Vulnerable Software and Affected Versions** jhead version 3.08 **Description** A heap-use-after-free issue was discovered in the ProcessFile function at jhead.c. This issue affects the processing of files, potentially leading to exploitation. **Recommendations** For jhead version 3.08, consider restricting access to the ProcessFile function until a patch is available. As a temporary workaround, avoid using the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX versions up to 5.0.0 **Description** A problematic issue was found in the function `PackLinuxElf64::un DT INIT` of the file `src/p lx elf.cpp`, leading to a heap-based buffer overflow. The attack can be launched on the local host. **Recommendations** Apply a patch to fix this issue, specifically the patch identified as `e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2`.