Luke Arntson

**Name of the Vulnerable Software and Affected Versions** Ignite Realtime Openfire versions prior to 4.4.1 **Description** The issue is related to reflected XSS that can be triggered via an LDAP setup test. **Recommendations** For versions prior to 4.4.1, update to version 4.4.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.7.2 **Description** The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read or write and crash, via a crafted header length in an RPKI-RTR Protocol Data Unit (PDU). This is due to a problem in the `rpki rtr pdu print` function. **Recommendations** For versions prior to 4.7.2, update to version 4.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `rpki rtr pdu print` function until a patch is available.