Lucene search
K
Mp4v2 ProjectMp4v2

10 matches found

CVE
CVE
added 2023/05/31 12:0 a.m.147 views

CVE-2023-33718

mp4v2 v2.1.3 contains a memory leak in MP4File::ReadString() (mp4file_io.cpp). The CVE-2023-33718 entry, and connected sources, consistently describe this memory leak vulnerability in the mp4v2 library. No public remediation or patch details are provided within the supplied documents. The vulnera...

8.8CVSS8.6AI score0.0072EPSS
CVE
CVE
added 2023/06/02 12:0 a.m.117 views

CVE-2023-33717

CVE-2023-33717 affects mp4v2 library v2.1.3. The issue is a memory leak in MP4File::ReadBytes() when memory is allocated but ReadBytes() throws an exception that is not caught. Public details in the provided sources consistently describe a local-vector/availability impact (A: HIGH) without noting...

5.5CVSS5.4AI score0.00281EPSS
CVE
CVE
added 2023/03/17 6:47 a.m.62 views

CVE-2023-1450

MP4v2 2.1.2 vulnerability (CVE-2023-1450) affects the function DumpTrack in mp4trackdump.cpp. The issue enables denial of service and is exploitable with local access; the exploit has been disclosed publicly. Multiple sources (NVD, CVE listing, OSV/UBUNTU entries, and Nessus/Red Hat/UNIX advisori...

5.5CVSS4.7AI score0.00374EPSS
CVE
CVE
added 2023/04/24 12:0 a.m.58 views

CVE-2023-29578

The CVE-2023-29578 entry affects mp4v2 v2.0.0, where a heap buffer overflow is triggered in the destructor MP4StringProperty::~MP4StringProperty() implemented in mp4property.cpp. The vulnerability is documented with a CVSS v3.1 base score of 8.8 (HIGH) across confidentiality, integrity, and avail...

8.8CVSS8.9AI score0.0078EPSS
CVE
CVE
added 2023/03/17 6:49 a.m.53 views

CVE-2023-1451

CVE-2023-1451 affects MP4v2 2.1.2. The vulnerability is in mp4v2::impl::MP4Track::GetSampleFileOffset (mp4track.cpp) and can lead to a denial of service. The attack is local, and public exploit details have been disclosed. No patch/version remediation is specified in the provided documents. INFO:...

5.5CVSS4.7AI score0.00368EPSS
CVE
CVE
added 2018/09/20 12:0 a.m.48 views

CVE-2018-17236

The concrete details show an issue in libmp4v2 2.1.0 where MP4Free() frees an invalid pointer, causing a SIGABRT crash. Affected component: libmp4v2 (mp4property.cpp). Root cause: freeing a corrupted/invalid pointer inside MP4Free(). Impact: process crash (SIGABRT); no exploitation details provid...

6.5CVSS6.4AI score0.01113EPSS
CVE
CVE
added 2018/02/23 2:0 p.m.45 views

CVE-2018-7339

The CVE-2018-7339 vulnerability affects MP4v2 (MP4Atom class in mp4atom.cpp) up to version 2.0.0, where improper handling of Entry Number validation in the MP4 Table Property allows a remote attacker to cause a denial of service (overflow, excessive memory allocation, and segmentation fault) via ...

8.8CVSS9AI score0.01376EPSS
CVE
CVE
added 2023/05/26 12:0 a.m.44 views

CVE-2023-33720

CVE-2023-33720 concerns the mp4v2 library, where version 2.1.2 is reported to contain a memory leak in the MP4BytesProperty class. The available documents consistently describe memory-management issues in mp4v2/v2.1.2 but do not provide concrete details on affected products, versions beyond 2.1.2...

6.5CVSS6.4AI score0.00608EPSS
CVE
CVE
added 2023/04/14 12:0 a.m.43 views

CVE-2023-29584

CVE-2023-29584 affects mp4v2 v2.0.0, where a heap-based buffer overflow exists in MP4GetVideoProfileLevel() implemented in /src/mp4.cpp. The vulnerability is described across multiple sources (NVD, CVE listings, OSV/UBUNTU pages, Veracode entry) as a heap overflow in the libmp4v2/mp4v2 library, w...

8.8CVSS8.9AI score0.00836EPSS
CVE
CVE
added 2018/09/20 12:0 a.m.39 views

CVE-2018-17235

The CVE-2018-17235 entry concerns libmp4v2 version 2.1.0. The flaw resides in mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp, where mishandling of compatibleBrand while processing a crafted MP4 file leads to a heap-based buffer over-read and a denial of service. The description is consistent...

6.5CVSS6.3AI score0.01073EPSS