Jieyongma

**Name of the Vulnerable Software and Affected Versions** chafa versions prior to 1.10.3 **Description** The issue is related to a Buffer Over-read in the GitHub repository hpjansson/chafa. **Recommendations** For versions prior to 1.10.3, update to version 1.10.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** chafa versions prior to 1.10.2 **Description** The issue allows attackers to cause a denial of service (crash) via a crafted input file. This is due to a NULL Pointer Dereference in the `gif internal decode frame` function at `libnsgif.c:599`. **Recommendations** For versions prior to 1.10.2, update to version 1.10.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted input files that may trigger the NULL Pointer Dereference in the `gif internal decode frame` function.