Product:

Bento4

(Axiosys)
Repositories https://github.com/axiomatic-systems/Bento4
#Vulnerabilities 137
Date Id Summary Products Score Patch Annotated
2022-10-03 CVE-2022-41426 Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split. Bento4 6.5
2022-10-03 CVE-2022-41427 Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux. Bento4 6.5
2022-10-03 CVE-2022-41428 Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux. Bento4 8.8
2022-10-03 CVE-2022-41429 Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag. Bento4 8.8
2022-10-03 CVE-2022-41430 Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux. Bento4 8.8
2022-10-19 CVE-2022-43032 An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac. Bento4 6.5
2022-10-19 CVE-2022-43033 An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input. Bento4 6.5
2022-10-19 CVE-2022-43034 An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts. Bento4 6.5
2022-10-19 CVE-2022-43035 An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. Bento4 6.5
2022-10-19 CVE-2022-43037 An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp. Bento4 6.5