Notmebutwin

**Name of the Vulnerable Software and Affected Versions** Sogou Workflow version 0.10.6 **Description** The issue is related to a buffer-overflow that may cause a crash. This occurs when a negative size is used in the `memcpy` function within the `URIParser::parse` function. **Recommendations** For Sogou Workflow version 0.10.6, consider restricting the use of the `URIParser::parse` function until a patch is available to prevent potential buffer-overflow issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iniparser version 4.1 **Description** The issue is related to a NULL Pointer Dereference in the `iniparser getlongint` function, which fails to check for NULL returns from the `iniparser getstring` function. This can lead to a denial of service. **Recommendations** For iniparser version 4.1, consider adding a NULL check for the return value of the `iniparser getstring` function before passing it to the `iniparser getlongint` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MojoJson version 1.2.3 **Description** An issue was found that allows attackers to execute arbitrary code via the `destroy` function. **Recommendations** For MojoJson version 1.2.3, consider disabling the `destroy` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Barenboim json-parser versions 1.1.0 and earlier **Description** The issue allows an attacker to execute arbitrary code via the `json value parse` function. This is a result of a Buffer OverFlow Vulnerability in the Barenboim json-parser. **Recommendations** For Barenboim json-parser version 1.1.0 and earlier, update to version 1.1.1 to resolve the issue. As a temporary workaround, consider disabling the `json value parse` function until a patch is available.