Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bento4
(Axiosys)| Repositories | https://github.com/axiomatic-systems/Bento4 |
| #Vulnerabilities | 136 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-18 | CVE-2022-40775 | An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields. | Bento4 | 5.5 | ||
| 2022-09-14 | CVE-2022-40438 | Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | Bento4 | 6.5 | ||
| 2022-09-14 | CVE-2022-40439 | An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | Bento4 | 6.5 | ||
| 2022-09-15 | CVE-2022-40737 | An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields. | Bento4 | 6.5 | ||
| 2022-09-15 | CVE-2022-40738 | An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write. | Bento4 | 6.5 | ||
| 2022-08-18 | CVE-2022-35165 | An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input. | Bento4 | 5.5 | ||
| 2022-06-27 | CVE-2021-40941 | In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). | Bento4 | 7.5 | ||
| 2022-06-28 | CVE-2021-40943 | In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | Bento4 | 5.5 | ||
| 2022-06-10 | CVE-2022-31282 | Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. | Bento4 | 5.5 | ||
| 2022-06-10 | CVE-2022-31285 | An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. | Bento4 | 5.5 |