VYPR
Medium severity6.5OSV Advisory· Published Sep 20, 2018· Updated Jun 17, 2026

CVE-2018-17235

CVE-2018-17235

Description

The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Enzo1982/Mp4v2OSV2 versions
    2.1.0, v1.9.0, v1.9.1, …+ 1 more
    • (no CPE)range: 2.1.0, v1.9.0, v1.9.1, …
    • (no CPE)range: =2.1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.