Songxpu

**Name of the Vulnerable Software and Affected Versions** Elixir WebRTC versions prior to 0.15.1 Elixir WebRTC versions prior to 0.16.1 **Description** Missing DTLS peer certificate fingerprint validation in the DTLS client (active) role removes one side of WebRTC's mutual authentication. When acting as the DTLS client, the fingerprint check was skipped on the handshake-completion code path that returns no outgoing packets. This occurs most commonly when a media server or SFU answers a browser's offer. While not independently exploitable for media interception in standard deployments, this issue enables a full man-in-the-middle attack on audio/video media (SRTP) and data channels (SCTP-over-DTLS) if combined with insecure signalling, a compromised signalling server, or a peer with similar validation gaps. **Recommendations** Update to version 0.15.1. Update to version 0.16.1.

**Name of the Vulnerable Software and Affected Versions** NanoMQ version 0.17.2 **Description** A heap buffer overflow issue exists, which can be triggered by calling the function `copyn str()` in the file `mqtt parser.c`. This can lead to a denial of service attack. **Recommendations** For NanoMQ version 0.17.2, consider disabling the `copyn str()` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** NanoMQ version 0.17.2 **Description** A heap buffer overflow issue exists, which can be triggered by calling the function `nmq subinfo decode()` in the file `mqtt parser.c`. This can be exploited to cause a denial of service attack. **Recommendations** For NanoMQ version 0.17.2, as a temporary workaround, consider disabling the `nmq subinfo decode()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenPrinting CUPS versions 2.4.2 and prior **Description** The issue is related to a heap buffer overflow vulnerability that could allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function `format log line` could allow remote attackers to cause a DoS on the affected system. Exploitation of the vulnerability can be triggered when the configuration file `cupsd.conf` sets the value of `loglevel` to `DEBUG`. **Recommendations** For OpenPrinting CUPS versions 2.4.2 and prior, as a temporary workaround, consider setting the `loglevel` in the `cupsd.conf` configuration file to a value other than `DEBUG` to minimize the risk of exploitation. Additionally, consider restricting access to the `format log line` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.