CVE-2018-20659

2019-01-0217:29:00

Google

osv.dev

6.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.6%

JSON

An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls.

CPENameOperatorVersion
bento4eq1.4.3-595
bento4eq1.4.2-586
bento4eq1.5.0-612
bento4eq1.5.0-611
bento4eq1.5.1-620
bento4eq1.5.0-615
bento4eq1.4.3-608
bento4eq1.5.0-609
bento4eq1.4.3-606
bento4eq1.4.2-591

Name	Operator	Version
bento4	eq	1.4.3-595
bento4	eq	1.4.2-586
bento4	eq	1.5.0-612
bento4	eq	1.5.0-611
bento4	eq	1.5.1-620
bento4	eq	1.5.0-615
bento4	eq	1.4.3-608
bento4	eq	1.5.0-609
bento4	eq	1.4.3-606
bento4	eq	1.4.2-591