Xiangkun Jia

Name of the Vulnerable Software and Affected Versions: GPAC versions 0.8.0 through 1.0.1 Description: A heap-based buffer overflow issue exists in the `gp rtp builder do avc()` function, located in the `ietf/rtp pck mpeg4.c` file. Recommendations: For GPAC version 0.8.0, update to a version that fixes the issue. For GPAC version 1.0.1, update to a version that fixes the issue. As a temporary workaround, consider disabling the `gp rtp builder do avc()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.1 **Description** An issue was discovered in macOS that involves the QuickTime component, allowing attackers to bypass intended memory-read restrictions via a crafted app. **Recommendations** For macOS versions prior to 10.13.1, update to version 10.13.1 or later to resolve the issue.