Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bento4
(Axiosys)| Repositories | https://github.com/axiomatic-systems/Bento4 |
| #Vulnerabilities | 137 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-29 | CVE-2024-24155 | Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file. | Bento4 | 6.5 | ||
| 2021-04-21 | CVE-2020-23912 | An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service. | Bento4 | 5.5 | ||
| 2021-07-13 | CVE-2020-19717 | An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-07-13 | CVE-2020-19718 | An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-07-13 | CVE-2020-19719 | A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-07-13 | CVE-2020-19720 | An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-07-13 | CVE-2020-19721 | A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-07-13 | CVE-2020-19722 | An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-08-05 | CVE-2021-35306 | An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS). | Bento4 | 6.5 | ||
| 2021-08-05 | CVE-2021-35307 | An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | Bento4 | 6.5 |