6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
50.1%
A vulnerability, which was classified as problematic, was found in
Axiomatic Bento4. Affected is an unknown function of the component
mp4decrypt. The manipulation leads to memory leak. It is possible to launch
the attack remotely. The exploit has been disclosed to the public and may
be used. VDB-212682 is the identifier assigned to this vulnerability.
Author | Note |
---|---|
alexmurray | kodi-inputstream-adaptive contains an embedded copy of bento4 |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |
ubuntu | 23.10 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |
ubuntu | 24.04 | noarch | kodi-inputstream-adaptive | < any | UNKNOWN |