Timchan2001

#17300 of 53,611
Total CVSS: 15.6
Vulnerabilities · 2
High: 2

PT-2023-9853 · CVSS 7.8 · 2023-09-13
Tcpreplay · Tcpreplay · CVE-2023-43279

**Name of the Vulnerable Software and Affected Versions**
Tcpreplay version 4.4.4

**Description**
The issue is a null pointer dereference in the `mask_cidr6` component at `cidr.c` in Tcpreplay. It allows attackers to crash the application via a crafted `tcprewrite` command, potentially leading to a denial of service. The vulnerability can be exploited by a remote attacker.

**Recommendations**
For Tcpreplay version 4.4.4, consider disabling the `mask_cidr6` function until a patch is available to prevent potential crashes via crafted commands. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2023-29792 · CVSS 7.8 · 2020-10-30
Gifsicle · Gifsicle · CVE-2023-46009

**Name of the Vulnerable Software and Affected Versions**
gifsicle version 1.94

**Description**
A floating point exception (FPE) issue was discovered in gifsicle through the `resize_stream` function at `src/xform.c`. This issue can cause problems when processing certain inputs.

**Recommendations**
For gifsicle version 1.94, consider avoiding the use of the `resize_stream` function until a patch is available. As a temporary workaround, restrict the input to the `resize_stream` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.