Product:

Bento4

(Axiosys)
Repositories https://github.com/axiomatic-systems/Bento4
#Vulnerabilities 162
Date Id Summary Products Score Patch Annotated
2023-04-11 CVE-2023-29576 Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. Bento4 5.5
2023-04-12 CVE-2023-29574 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. Bento4 5.5
2023-04-13 CVE-2023-29573 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. Bento4 5.5
2023-04-21 CVE-2023-29575 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. Bento4 5.5
2024-02-29 CVE-2024-24155 Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file. Bento4 6.5
2021-04-21 CVE-2020-23912 An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service. Bento4 5.5
2021-07-13 CVE-2020-19717 An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). Bento4 6.5
2021-07-13 CVE-2020-19718 An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). Bento4 6.5
2021-07-13 CVE-2020-19719 A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS). Bento4 6.5
2021-07-13 CVE-2020-19720 An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). Bento4 6.5