Matroska: >> Libebml >> 1.0.0 Security Vulnerabilities
In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
CVSS Score
6.5
EPSS Score
0.004
Published
2024-01-12
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-02-23
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
CVSS Score
4.3
EPSS Score
0.003
Published
2016-01-29
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
CVSS Score
4.3
EPSS Score
0.005
Published
2016-01-29
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
CVSS Score
9.6
EPSS Score
0.004
Published
2016-01-29