Hotspurzzz

**Name of the Vulnerable Software and Affected Versions** PBC through 2022-8-27 **Description** A SEGV issue was detected in the function `pbc wmessage integer` in `src/wmessage.c:137`. This issue affects PBC. **Recommendations** For PBC through 2022-8-27, as a temporary workaround, consider disabling the `pbc wmessage integer` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 2.1-DEV-rev505-gb9577e6ad-master **Description** A memory leak was discovered in GPAC via the `gf isom box parse ex` function at `box funcs.c`. This issue may allow for unauthorized access or other malicious activities. **Recommendations** For GPAC version 2.1-DEV-rev505-gb9577e6ad-master, as a temporary workaround, consider disabling the `gf isom box parse ex` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GPAC version 2.1-DEV-rev505-gb9577e6ad-master **Description** The issue is related to a memory leak via the `afrt box read` function at `box code adobe.c`. This can be exploited by a remote attacker to cause a denial of service. The memory leak is due to the use of memory after it has been freed. **Recommendations** For GPAC version 2.1-DEV-rev505-gb9577e6ad-master, as a temporary workaround, consider disabling the `afrt box read` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.