Seu-Ssl

**Name of the Vulnerable Software and Affected Versions** jq version 1.7 **Description** The issue is related to a heap-based buffer overflow in the jq command-line JSON processor. This can potentially allow an attacker to cause a denial of service. **Recommendations** For version 1.7, update to version 1.7.1 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Espeak-ng version 1.52-dev **Description** The issue is related to a buffer overflow in the SetUpPhonemeTable function, which can lead to a denial of service or potentially allow an attacker to execute arbitrary code. The vulnerability is associated with the Espeak-ng speech synthesizer. **Recommendations** For Espeak-ng version 1.52-dev, consider disabling the `SetUpPhonemeTable()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Espeak-ng version 1.52-dev **Description** The issue is related to a Stack Buffer Underflow via the `CountVowelPosition()` function at `synthdata.c`. This could allow an attacker to cause a denial of service or potentially execute arbitrary code. The vulnerability is associated with improper memory management under certain circumstances. **Recommendations** For Espeak-ng version 1.52-dev, consider disabling the `CountVowelPosition()` function as a temporary workaround until a patch is available. Restrict access to the `synthdata.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Espeak-ng version 1.52-dev **Description** The issue is related to a Stack Buffer Overflow via the `RemoveEnding` function at `dictionary.c`. This can potentially allow an attacker to cause a denial of service or execute arbitrary code. The vulnerability is associated with improper memory management under certain circumstances. **Recommendations** For Espeak-ng version 1.52-dev, consider disabling the `RemoveEnding` function as a temporary workaround until a patch is available. Restrict access to the `dictionary.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Espeak-ng version 1.52-dev **Description** The issue is related to a Floating Point Exception via the function `PeaksToHarmspect()` at `wavegen.c`. This can potentially allow an attacker to cause a denial of service or execute arbitrary code due to improper memory management under certain circumstances. **Recommendations** For Espeak-ng version 1.52-dev, consider disabling the `PeaksToHarmspect()` function as a temporary workaround until a patch is available. Restrict access to the `wavegen.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.