Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bento4
(Axiosys)| Repositories | https://github.com/axiomatic-systems/Bento4 |
| #Vulnerabilities | 151 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-09 | CVE-2024-25451 | Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function. | Bento4 | 6.5 | ||
| 2024-02-09 | CVE-2024-25452 | Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function. | Bento4 | 5.5 | ||
| 2024-02-09 | CVE-2024-25453 | Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function. | Bento4 | 5.5 | ||
| 2021-08-25 | CVE-2018-10790 | The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac. | Bento4 | 7.5 | ||
| 2019-12-30 | CVE-2019-20092 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. | Bento4 | N/A | ||
| 2019-12-30 | CVE-2019-20091 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp. | Bento4 | N/A | ||
| 2019-12-30 | CVE-2019-20090 | An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. | Bento4 | N/A | ||
| 2019-10-12 | CVE-2019-17530 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | Bento4 | N/A | ||
| 2019-10-12 | CVE-2019-17529 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | Bento4 | N/A | ||
| 2019-10-12 | CVE-2019-17528 | An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | Bento4 | N/A |