Axiosys: Security Vulnerabilities
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-02-09
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-02-09
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-02-09
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-02-09
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-22
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-04-21
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-04-13
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-04-12
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-04-11
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.
CVSS Score
6.3
EPSS Score
0.005
Published
2022-12-17