Axiosys: >> Bento4 >> 1.6.0-639 Security Vulnerabilities
An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-19
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-19
An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-10-19
An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-19
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
CVSS Score
8.8
EPSS Score
0.004
Published
2022-10-03
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-10-03
Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-03
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-10-03
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-03
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-10-03