Cvjarko

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A heap-buffer overflow was discovered in SWFTools via the `GfxICCBasedColorSpace::getDefaultColor(GfxColor*)` function at `/xpdf/GfxState.cc`. This issue is related to commit 772e55a2. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools version 772e55a2 **Description** A floating point exception (FPE) was discovered in SWFTools via the `DCTStream::readMCURow()` function at `/xpdf/Stream.cc`. This issue may be related to a problem in the `readMCURow()` function. **Recommendations** For SWFTools version 772e55a2, as a temporary workaround, consider disabling the `DCTStream::readMCURow()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A segmentation fault was discovered in JPEGDEC via fseek at /libio/fseek.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be **Description** A heap buffer overflow issue was discovered in PNGDec via the ` interceptor fwrite.part.57` function at `sanitizer common interceptors.inc`. **Recommendations** For versions prior to the fixed version, consider applying a patch that fixes the heap buffer overflow issue in the ` interceptor fwrite.part.57` function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version prior to the version that includes commit 8abf6be **Description** A stack overflow issue was discovered in PNGDec. The issue is related to the /linux/main.cpp file. **Recommendations** For versions prior to the version that includes commit 8abf6be, update to a version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PNGDec (affected versions not specified) **Description** A memory allocation problem was discovered in PNGDec via asan malloc linux.cpp. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be **Description** A heap buffer overflow issue was discovered in PNGDec via the SaveBMP function at /linux/main.cpp. **Recommendations** For versions prior to the fix, consider restricting access to the SaveBMP function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version 8abf6be **Description** A global buffer overflow issue was discovered in PNGDec via the inflate fast function at /src/inffast.c. **Recommendations** For PNGDec version 8abf6be, consider updating to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be **Description** A floating-point exception issue was discovered in PNGDec, specifically in the SaveBMP function located at /linux/main.cpp. **Recommendations** For versions prior to the fix, consider applying a patch that addresses the floating-point exception issue in the SaveBMP function.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A global buffer overflow issue was discovered in JPEGDEC via the ucDitherBuffer at /src/jpeg.inl. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JPEGDEC (affected versions not specified) **Description** A global buffer overflow issue was discovered in JPEGDEC via the JPEGDecodeMCU function at /src/jpeg.inl. This issue can be exploited at the `/src/jpeg.inl` endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the `/multiarch/memset-vec-unaligned-erms.S` API endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFTools (affected versions not specified) **Description** A segmentation violation was discovered in SWFTools via the extractFrame function at /readers/swf.c. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ffjpeg (affected versions not specified) **Description** A memory leak was discovered in ffjpeg via the /src/jfif.c file. The issue is related to the "ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291". **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jpeg-quantsmooth before commit 8879454 **Description** The issue is related to a floating point exception (FPE) in jpeg-quantsmooth. This exception occurs via the /jpeg-quantsmooth/jpegqs+0x4f5d6c endpoint. **Recommendations** For versions before commit 8879454, update to a version that includes commit 8879454 or later to resolve the issue. As a temporary workaround, consider restricting access to the /jpeg-quantsmooth/jpegqs+0x4f5d6c endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** SWFMill (affected versions not specified) **Description** A heap-buffer overflow was discovered in SWFMill via the SWF::Writer::writeByte(unsigned char) function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFMill (affected versions not specified) **Description** A segmentation violation was discovered in SWFMill via the `SWF::MethodBody::write(SWF::Writer*, SWF::Context*)` function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFMill (affected versions not specified) **Description** A heap-buffer overflow was discovered in SWFMill via the SWF::Reader::getU30() function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFMill (affected versions not specified) **Description** A heap-buffer overflow issue was discovered in SWFMill via interceptor strlen.part at /sanitizer common/sanitizer common interceptors.inc. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SWFMill (affected versions not specified) **Description** A heap-buffer overflow issue was discovered in SWFMill via the base64 encode function. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.