Zhangzhourui

**Name of the Vulnerable Software and Affected Versions** lunasvg version 2.3.9 **Description** A stack-buffer-underflow issue was discovered in lunasvg at lunasvg/source/layoutcontext.cpp. **Recommendations** For lunasvg version 2.3.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** lunasvg version 2.3.9 **Description** The issue is related to a Floating Point Exception (FPE) at `blend transformed tiled argb.isra.0`. This indicates a problem with how the software handles certain mathematical operations, potentially leading to crashes or other unexpected behavior. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** For lunasvg version 2.3.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** lunasvg version 2.3.9 **Description** The issue is related to a segmentation violation in the component composition solid source over. **Recommendations** For lunasvg version 2.3.9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** swftools version 0.9.2 **Description** The issue allows attackers to crash the application via the function `compileSWFActionCode` in `action/actioncompiler.c`. This is due to a Null Pointer Dereference vulnerability in the `swfdump` component of `swftools`. **Recommendations** For swftools version 0.9.2, consider disabling the `compileSWFActionCode` function as a temporary workaround until a patch is available. Restrict access to the `swfdump` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** swfdump version 0.9.2 **Description** A heap buffer overflow was discovered in the function `swf GetPlaceObject` at `swfobject.c`. **Recommendations** For swfdump version 0.9.2, consider disabling the `swf GetPlaceObject` function as a temporary workaround until a patch is available.