Sebras

**Name of the Vulnerable Software and Affected Versions** OpenJPEG versions 2.5.3 and earlier **Description** OpenJPEG is an open-source JPEG 2000 codec. A call to the `opj jp2 read header` function may lead to an out-of-bounds heap memory write when the data stream `p stream` is too short and `p image` is not initialized. **Recommendations** Update OpenJPEG to a version later than 2.5.3.

**Name of the Vulnerable Software and Affected Versions** freeglut version 3.4.0 mupdf version 1.23.9 **Description** The issue is related to a memory leak in the `glutAddSubMenu` function through the `menuEntry` variable. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For freeglut version 3.4.0, consider disabling the `glutAddSubMenu` function until a patch is available to prevent potential exploitation. For mupdf version 1.23.9, restrict access to the `glutAddSubMenu` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** freeglut versions 3.4.0 and earlier mupdf version 1.23.9 **Description** The issue is related to a memory leak via the `menuEntry` variable in the `glutAddMenuEntry()` function. This can potentially allow a remote attacker to cause a denial of service. **Recommendations** For freeglut versions 3.4.0 and earlier, consider disabling the `glutAddMenuEntry()` function until a patch is available. For mupdf version 1.23.9, restrict access to the `glutAddMenuEntry()` function to minimize the risk of exploitation. Avoid using the `menuEntry` variable in the affected function until the issue is resolved.