VYPR

Libebml

by Matroska Org

Source repositories

CVEs (5)

  • CVE-2015-8789CriJan 29, 2016
    risk 0.56cvss 9.6epss 0.02

    Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.

  • CVE-2015-8791MedJan 29, 2016
    risk 0.21cvss 4.3epss 0.01

    The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.

  • CVE-2015-8790MedJan 29, 2016
    risk 0.21cvss 4.3epss 0.02

    The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.

  • CVE-2023-52339MedJan 12, 2024
    risk 0.00cvss 6.5epss 0.01

    In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.

  • CVE-2019-13615MedJul 16, 2019
    risk 0.00cvss 5.5epss 0.02

    libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.