Product:

Bento4

(Axiosys)
Repositories https://github.com/axiomatic-systems/Bento4
#Vulnerabilities 151
Date Id Summary Products Score Patch Annotated
2022-05-16 CVE-2022-29017 Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. Bento4 5.5
2022-06-10 CVE-2022-31282 Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. Bento4 5.5
2022-06-10 CVE-2022-31285 An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. Bento4 5.5
2022-06-10 CVE-2022-31287 An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp. Bento4 5.5
2022-06-27 CVE-2021-40941 In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). Bento4 7.5
2022-06-28 CVE-2021-40943 In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). Bento4 5.5
2022-08-18 CVE-2022-35165 An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input. Bento4 5.5
2022-09-14 CVE-2022-40438 Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. Bento4 6.5
2022-09-14 CVE-2022-40439 An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. Bento4 6.5
2022-09-15 CVE-2022-40736 An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. Bento4 6.5