CVE-2019-15049

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4Dec3Atom class at Core/Ap4Dec3Atom.cpp...

CVE-2019-15047

An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4BitReader::SkipBits at Core/Ap4Utils.cpp...

CVE-2019-13959

In Bento4 1.5.1-627, AP4DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186...

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service...

CVE-2019-7697

An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service program crash, as demonstrated by mp42hls...

CVE-2019-7698

An issue was discovered in AP4Array::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095...

CVE-2019-6132

An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac...

CVE-2018-20659

An issue was discovered in Bento4 1.5.1-627. The AP4StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls...

CVE-2018-20408

An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls...

CVE-2018-20409

An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls...

CVE-2018-20095

An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls...

GHSA-HRMR-F5M6-M9PQ Moderate severity vulnerability that affects org.apache.commons:commons-compress

When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite...

CVE-2018-11771

When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite...

CVE-2018-14588

An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4DataBuffer::SetData in Core/Ap4DataBuffer.cpp...

CVE-2018-14587

An issue has been discovered in Bento4 1.5.1-624. AP4MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read...

CVE-2018-14585

An issue has been discovered in Bento4 1.5.1-624. AP4BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4Stz2Atom class...

CVE-2018-14584

An issue has been discovered in Bento4 1.5.1-624. AP4AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read...

CVE-2018-14445

In Bento4 v1.5.1-624, AP4File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service infinite loop via a crafted MP4 file...

CVE-2018-13846

An issue has been found in Bento4 1.5.1-624. AP4Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532...

CVE-2018-8013

In Apache Batik 1.x before 1.10, when deserializing subclass of AbstractDocument, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization...