3Kyo0

**Name of the Vulnerable Software and Affected Versions** Freeimage version 3.18.0 **Description** The issue is related to a buffer overflow vulnerability in the Freeimage library, which can be exploited by reading data beyond the buffer boundaries in memory. This can allow an attacker to cause a denial of service via a crafted JXR file. **Recommendations** For Freeimage version 3.18.0, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MPV version 0.29.1 **Description** The issue allows attackers to execute arbitrary code and crash the program via the `ao c` parameter. **Recommendations** For MPV version 0.29.1, update to version 0.30 to resolve the issue. As a temporary workaround, consider restricting the use of the `ao c` parameter until the update is applied.