Bento4 Security Vulnerabilities and Issues — Bento4 CVE List

Lucene search

AxiosysBento4

5 matches found

CVE•added 2024/02/09 3:15 p.m.•73 views

CVE-2024-25452

Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.

5.5CVSS5.5AI score0.0002EPSS

CVE•added 2024/02/29 1:44 a.m.•72 views

CVE-2024-24155

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

6.5CVSS6.5AI score0.00278EPSS

CVE•added 2024/02/09 3:15 p.m.•72 views

CVE-2024-25451

Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.

6.5CVSS6.5AI score0.00054EPSS

CVE•added 2024/02/09 3:15 p.m.•61 views

CVE-2024-25454

Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function.

5.5CVSS5.5AI score0.0002EPSS

CVE•added 2024/02/09 3:15 p.m.•37 views

CVE-2024-25453

Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.

5.5CVSS5.5AI score0.0002EPSS