Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bento4
(Axiosys)| Repositories | https://github.com/axiomatic-systems/Bento4 |
| #Vulnerabilities | 162 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-30 | CVE-2022-41846 | An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | Bento4 | 5.5 | ||
| 2025-02-05 | CVE-2024-57598 | A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in function AP4_TfraAtom() of Ap4TfraAtom.cpp which allows a remote attacker to cause a denial of service vulnerability. | Bento4 | N/A | ||
| 2025-02-19 | CVE-2025-25942 | An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the mp4fragment tool when processing invalid files. Specifically, memory allocated in SampleArray::SampleArray in Mp4Fragment.cpp is not properly released. | Bento4 | N/A | ||
| 2025-02-19 | CVE-2025-25943 | Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the AP4_Stz2Atom::AP4_Stz2Atom component located in Ap4Stz2Atom.cpp. | Bento4 | N/A | ||
| 2025-02-19 | CVE-2025-25944 | Buffer Overflow vulnerability in Bento4 v.1.6.0-641 allows a local attacker to execute arbitrary code via the Ap4RtpAtom.cpp, specifically in AP4_RtpAtom::AP4_RtpAtom, during the execution of mp4fragment with a crafted MP4 input file. | Bento4 | N/A | ||
| 2025-02-19 | CVE-2025-25945 | An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp. | Bento4 | N/A | ||
| 2025-02-19 | CVE-2025-25947 | An issue in Bento4 v1.6.0-641 allows an attacker to trigger a segmentation fault via Ap4Atom.cpp, specifically in AP4_AtomParent::RemoveChild, during the execution of mp4encrypt with a specially crafted MP4 input file. | Bento4 | N/A | ||
| 2022-10-19 | CVE-2022-40884 | Bento4 1.6.0 has memory leaks via the mp4fragment. | Bento4 | 5.5 | ||
| 2022-10-19 | CVE-2022-40885 | Bento4 v1.6.0-639 has a memory allocation issue that can cause denial of service. | Bento4 | 5.5 | ||
| 2022-10-19 | CVE-2022-40884 | Bento4 1.6.0 has memory leaks via the mp4fragment. | Bento4 | 5.5 |