Archersec

**Name of the Vulnerable Software and Affected Versions** owntone-server commit 3d1652d **Description** A flaw exists in owntone-server that allows for a Denial of Service (DoS). Specifically, a NULL pointer dereference is present in the `daap reply playlists` function located in the src/httpd daap.c file. This issue can be triggered by sending a specially crafted DAAP request to the server. The `daap reply playlists` function is vulnerable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** owntone-server (affected versions not specified) **Description** A flaw exists in the safe atou64 function within owntone-server, specifically in the src/misc.c file, up to commit c4d57aa. This issue, a NULL pointer dereference, can be triggered by sending specially crafted HTTP requests to the server, potentially leading to a Denial of Service (DoS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.