Salmonxo

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.3 **Description** The issue is caused by a stack overflow in the `njs default module loader` function at `/src/njs/src/njs module.c` of the Nginx NJS interpreter. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. Note that multiple third parties dispute this report, stating the behavior is only found in unreleased development code not part of the 0.7.2, 0.7.3, or 0.7.4 release. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick version 7.1.0-27 **Description** The issue is related to a buffer overflow in the implementation of the `PushLongPixel()` function in the ImageMagick graphic editor. This can be exploited by an attacker using a specially crafted image file, potentially leading to a denial of service or unauthorized access to protected information. **Recommendations** For ImageMagick version 7.1.0-27, consider disabling the `PushLongPixel()` function as a temporary workaround until a patch is available. Restrict access to the vulnerable function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.