Jinyu00

**Name of the Vulnerable Software and Affected Versions** Untrunc through 2018-06-07 **Description** The issue arises from a NULL pointer dereference in the Codec::parse function, located in track.cpp, due to improper interaction with libav when processing a crafted MP4 file. **Recommendations** For Untrunc through 2018-06-07, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AXML Parser versions prior to 2018-01-04 **Description** The issue is related to an out-of-bounds read in the CopyData function within the AxmlParser.c file of the AXML Parser. **Recommendations** For versions prior to 2018-01-04, update to a version released after 2018-01-04 to resolve the issue.