Information from Yoshihito Takemura

JVN#88850043
Title:Lhasa may insecurely load executable files
Status:vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.