
Yangfar

#19973 of 53,622
Total CVSS: 13
Vulnerabilities · 2
Medium: 1
High: 1

PT-2022-27103 · CVSS 5.5 · 2022-10-31
Lodepng · Lodepng · CVE-2022-44081

**Name of the Vulnerable Software and Affected Versions** Lodepng version 20220717

**Description** A segmentation fault was discovered in the function `pngdetail()`.

**Recommendations** For version 20220717, consider disabling the `pngdetail()` function until a patch is available.

PT-2022-26316 · CVSS 7.5 · 2022-05-05
Unknown · Mybatis Pagehelper · CVE-2022-42227

**Name of the Vulnerable Software and Affected Versions**
jsonlint version 1.0
MyBatis PageHelper versions 3.5.x through 5.3.x

**Description** The issue involves a heap-buffer-overflow in jsonlint and a time-blind SQL injection vulnerability in MyBatis PageHelper. The jsonlint vulnerability occurs via the /home/hjsz/jsonlint/src/lexer file. In MyBatis PageHelper, the vulnerability is exploited via the `orderBy` parameter.

**Recommendations** For jsonlint version 1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For MyBatis PageHelper versions 3.5.x through 5.3.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider avoiding the use of the `orderBy` parameter in the affected API endpoint until the issue is resolved.