Ajakko

**Name of the Vulnerable Software and Affected Versions** GPAC version 2.1-DEV-rev490-g68064e101-master **Description** A problematic vulnerability was found in GPAC, affecting the function `lsr translate coords` of the file `laser/lsr dec.c`. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** To fix this issue, it is recommended to apply a patch, specifically the patch `b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908`. As a temporary workaround, consider disabling the `lsr translate coords` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** mkdocs version 1.2.2 **Description** The mkdocs built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain sensitive information. **Recommendations** For mkdocs version 1.2.2, as a temporary workaround, consider restricting access to port 8000 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.