Mcsky23

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 **Description** ImageMagick is software used for editing and manipulating digital images. A buffer overflow can occur on 32-bit systems within the SFW decoder when processing very large images, potentially causing a crash. **Recommendations** Versions prior to 7.1.2-16 should be updated to 7.1.2-16 or later. Versions prior to 6.9.13-41 should be updated to 6.9.13-41 or later.

**Name of the Vulnerable Software and Affected Versions** quickjs-ng versions up to 0.11.0 **Description** A flaw exists in quickjs-ng quickjs due to a heap-based buffer overflow in the `js typed array constructor ta` function within the `quickjs.c` file. This manipulation allows for remote exploitation. An exploit for this issue has been published. **Recommendations** Install patch 53aebe66170d545bb6265906fe4324e4477de8b4 to address this issue.

**Name of the Vulnerable Software and Affected Versions** quickjs-ng versions up to 0.11.0 **Description** A flaw exists in quickjs-ng quickjs that could lead to a heap-based buffer overflow. This issue is located in the `js typed array sort` function within the `quickjs.c` file. Remote exploitation is possible. **Recommendations** Deploy a patch with identifier 53eefbcd695165a3bd8c584813b472cb4a69fbf5.

**Name of the Vulnerable Software and Affected Versions** quickjs-ng versions up to 0.11.0 **Description** A flaw exists in quickjs-ng up to version 0.11.0 due to a heap-based buffer overflow in the `js typed array constructor` function within the `quickjs.c` file. This issue can be triggered remotely through a manipulation. The exploit for this issue has been publicly disclosed. **Recommendations** Apply the patch c5d80831e51e48a83eab16ea867be87f091783c5 to remediate this issue.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 **Description** ImageMagick is software used for editing and manipulating digital images. A heap overflow can occur when encoding a PNG image due to an extremely large image profile. **Recommendations** Update to ImageMagick version 7.1.2-16 or later. Update to ImageMagick version 6.9.13-41 or later.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 **Description** ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-16 and 6.9.13-41, a failure in memory allocation within the sixel encoder could lead to writing beyond the bounds of a stack-allocated buffer. The sixel encoder is a component responsible for handling a specific image format. **Recommendations** ImageMagick versions prior to 7.1.2-16 should be updated to version 7.1.2-16 or later. ImageMagick versions prior to 6.9.13-41 should be updated to version 6.9.13-41 or later.

**Name of the Vulnerable Software and Affected Versions** quickjs-ng quickjs versions up to 0.11.0 **Description** A use-after-free issue exists in quickjs-ng quickjs up to version 0.11.0. The problem is located in an unknown function within the `quickjs.c` file, specifically in the Atomics Ops Handler component. The issue can be triggered remotely, and an exploit is publicly available. **Recommendations** Apply the patch ea3e9d77454e8fc9cb3ef3c504e9c16af5a80141 to resolve this issue.