P870613

**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0.0 **Description** A segmentation fault was discovered in Bento4 via the component /x86 64/multiarch/strlen-avx2.S. **Recommendations** For Bento4 version 1.6.0.0, consider restricting access to the /x86 64/multiarch/strlen-avx2.S component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** libsixel version 1.8.6 **Description** The issue is related to a double free error in the `sixel encoder output without macro` function, which is called from `sixel encoder encode frame` in encoder.c. **Recommendations** For libsixel version 1.8.6, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bingrep version 0.8.5 **Description** The issue is related to a memory allocation failure that can cause a Denial of Service (DoS). **Recommendations** For version 0.8.5, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Fribidi (affected versions not specified) **Description** A heap-based buffer overflow flaw was found in the Fribidi package, affecting the `fribidi cap rtl to unicode()` function. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service. The exploitation of this flaw may also allow a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.