Josselin Feist

**Name of the Vulnerable Software and Affected Versions** GIFLIB version 5.1.2 **Description** The issue involves multiple use-after-free and double-free vulnerabilities in the gifcolor.c file of GIFLIB. The impact and attack vectors of these vulnerabilities are not specified. **Recommendations** For GIFLIB version 5.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JasPer JPEG-2000 library versions prior to 1.900.2 **Description** The issue is related to a use-after-free vulnerability in the `mif process cmpt` function. This vulnerability can be exploited by remote attackers using a crafted JPEG 2000 image file, leading to a denial of service (crash). **Recommendations** For versions prior to 1.900.2, update to version 1.900.2 or later to resolve the issue. As a temporary workaround, consider restricting the processing of JPEG 2000 image files from untrusted sources until the update is applied.