Patchkey

**Name of the Vulnerable Software and Affected Versions** GhostPCL version 9.55.0 Ghostscript version 9.55.0 **Description** A problematic vulnerability was found in the function `chunk free object` of the file `gsmchunk.c`. This issue is related to a buffer overflow. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. **Recommendations** For GhostPCL version 9.55.0, apply the patches to fix this issue. For Ghostscript version 9.55.0, apply the patches to fix this issue. As a temporary workaround, consider disabling the `chunk free object` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tildearrow Furnace version dev73 **Description** A critical issue has been discovered that affects the FUR to VGM converter in console mode, causing stack-based overflows and crashes. The issue can be initiated remotely but requires user interaction. **Recommendations** For version dev73, consider disabling the FUR to VGM converter in console mode until a patch is available to prevent potential exploitation. Restrict access to the converter to minimize the risk of crashes and overflows. Avoid using the converter in situations where user interaction can be manipulated. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick (affected versions not specified) **Description** The issue is related to a heap buffer overflow when parsing MIFF, which can be exploited to impact the confidentiality, integrity, and availability of protected information. This is due to errors in authorization within the GraphicsMagick component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.