CVE-2022-3670

A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

CVE-2022-40884

Bento4 1.6.0 has memory leaks via the mp4fragment...

CVE-2022-43035

An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4Dec3Atom::AP4Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service DoS, as demonstrated by mp42aac...

CVE-2022-43037

An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4File::ParseStream in /Core/Ap4File.cpp...

CVE-2022-43034

An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4BitReader::SkipBitsunsigned int function in mp42ts...

CVE-2022-43038

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4BitReader::ReadCache function in mp42ts...

CVE-2022-41427

Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4AvcFrameParser::Feed function in mp4mux...

CVE-2022-41424

Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4SttsAtom::Create function in mp42hls...

CVE-2022-41419

Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4Processor::Process function in the mp4encrypt binary...

CVE-2022-41428

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4BitReader::ReadBits function in mp4mux...

CVE-2022-41423

Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component...

CVE-2022-41430

Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4BitReader::ReadBit function in mp4mux...

CVE-2022-41425

Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4Processor::ProcessFragments function in mp4decrypt...

CVE-2022-41847

An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4StdcFileByteStream::CreateAP4FileByteStream, char const, AP4FileByteStream::Mode, AP4ByteStream& in System/StdC/Ap4StdCFileByteStream.cpp...

CVE-2022-40775

An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4StszAtom::WriteFields...

CVE-2022-40774

An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4StszAtom::GetSampleSize...

CVE-2022-40736

An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4CttsAtom::Create in Core/Ap4CttsAtom.cpp...

CVE-2022-40439

An memory leak issue was discovered in AP4StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file...

CVE-2022-35165

An issue in AP4SgpdAtom::AP4SgpdAtom of Bento4-1.6.0-639 allows attackers to cause a Denial of Service DoS via a crafted mp4 input...

InputStream::read_exact : `Read` on uninitialized buffer causes UB

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...