Cybergym

**Name of the Vulnerable Software and Affected Versions** GPAC versions up to 2.4 **Description** A null pointer dereference issue exists in the `gf dash download init segment` function within the `src/media tools/dash client.c` file. Manipulation of the `base init url` argument can trigger this issue. This can be exploited remotely. The exploit has been publicly disclosed. **Recommendations** Apply the patch identified as 153ea314b6b053db17164f8bc3c7e1e460938eaa.

Name of the Vulnerable Software and Affected Versions: osrg GoBGP versions up to 3.37.0 Description: A problematic issue exists in the `SplitRTR` function of the `pkg/packet/rtr/rtr.go` file. This can lead to an out-of-bounds read, and the attack can be launched remotely. The complexity of the attack is high, and exploitability is difficult. Recommendations: Apply the patch e748f43496d74946d14fed85c776452e47b99d64 to fix this issue.

Name of the Vulnerable Software and Affected Versions: Artifex GhostPDL versions prior to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145 Description: A problematic issue exists in Artifex GhostPDL related to a null pointer dereference. The issue is located in the `pdf ferror` function within the `devices/vector/gdevpdf.c` file, part of the New Output File Open Error Handler component. The issue can be initiated remotely. Recommendations: Apply patch 619a106ba4c4abed95110f84d5efcd7aee38c7cb to resolve the issue.