CVE-2022-21655 Incorrect handling of internal redirects results in crash in Envoy

Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal...

PT-2021-24221 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: gpac version 1.1.0 Description: An invalid memory address dereference issue exists via the svg node start function, causing a segmentation fault and application crash. Recommendations: For gpac version 1.1.0, consider disabling the svg node...

PT-2017-16801 · Zziplib +2 · Zziplib +2

Name of the Vulnerable Software and Affected Versions: zziplib version 0.13.62 Description: The issue allows remote attackers to cause a denial of service, resulting in an invalid memory read and crash, via a crafted ZIP file. This is due to a problem in the zzip mem entry extra block function in...