CVE-2022-3670

2022-10-2619:15:27

Google

osv.dev

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.6%

JSON

A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212010 is the identifier assigned to this vulnerability.

CPENameOperatorVersion
bento4eq1.5.0-618
bento4eq1.4.2-590
bento4eq1.5.1-622
bento4eq1.4.3-595
bento4eq1.4.3-600
bento4eq1.5.0-615
bento4eq1.4.2-593
bento4eq1.4.3-607
bento4eq1.5.1-629
bento4eq1.5.1-623

Name	Operator	Version
bento4	eq	1.5.0-618
bento4	eq	1.4.2-590
bento4	eq	1.5.1-622
bento4	eq	1.4.3-595
bento4	eq	1.4.3-600
bento4	eq	1.5.0-615
bento4	eq	1.4.2-593
bento4	eq	1.4.3-607
bento4	eq	1.5.1-629
bento4	eq	1.5.1-623