Wooseok Kang

**Name of the Vulnerable Software and Affected Versions** Plib versions 1.85 and earlier **Description** The issue is caused by an integer overflow in the `ssgLoadTGA()` function, located in the `src/ssg/ssgLoadTGA.cxx` file. This could result in arbitrary code execution. The vulnerability can be exploited by a remote attacker. **Recommendations** For Plib versions 1.85 and earlier, as a temporary workaround, consider disabling the `ssgLoadTGA()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** dcraw (affected versions not specified) **Description** The issue is related to an integer overflow vulnerability. It occurs when a maliciously crafted X3F input image is processed, potentially allowing arbitrary code execution on the victim's system. The vulnerability exists due to insufficient input validation in the `foveon load camf()` function of the dcraw raw converter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.