Vendor CVEs
Bento4
All CVEs
169 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-41430 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux. | |||
| CVE-2022-41429 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag. | |||
| CVE-2022-41428 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux. | |||
| CVE-2022-41427 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux. | |||
| CVE-2022-41426 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split. | |||
| CVE-2022-41425 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt. | |||
| CVE-2022-41423 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component. | |||
| CVE-2022-41424 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls. | |||
| CVE-2022-41419 | 0.00 | — | 0.01 | Oct 3, 2022 | Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary. | |||
| CVE-2022-41845 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h. | |||
| CVE-2022-41846 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | |||
| CVE-2022-41847 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp. | |||
| CVE-2022-41841 | 0.00 | — | 0.00 | Sep 30, 2022 | An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. | |||
| CVE-2022-40774 | 0.00 | — | 0.00 | Sep 18, 2022 | An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize. | |||
| CVE-2022-40775 | 0.00 | — | 0.00 | Sep 18, 2022 | An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields. | |||
| CVE-2022-40738 | 0.00 | — | 0.01 | Sep 15, 2022 | An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write. | |||
| CVE-2022-40736 | 0.00 | — | 0.01 | Sep 15, 2022 | An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. | |||
| CVE-2022-40737 | 0.00 | — | 0.01 | Sep 15, 2022 | An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields. | |||
| CVE-2022-40438 | 0.00 | — | 0.01 | Sep 14, 2022 | Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | |||
| CVE-2022-40439 | 0.00 | — | 0.01 | Sep 14, 2022 | An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | |||
| CVE-2022-35165 | 0.00 | — | 0.00 | Aug 18, 2022 | An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input. | |||
| CVE-2021-40943 | 0.00 | — | 0.01 | Jun 28, 2022 | In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | |||
| CVE-2021-40941 | 0.00 | — | 0.01 | Jun 27, 2022 | In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||
| CVE-2022-31287 | 0.00 | — | 0.01 | Jun 10, 2022 | An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp. | |||
| CVE-2022-31285 | 0.00 | — | 0.01 | Jun 10, 2022 | An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. | |||
| CVE-2022-31282 | 0.00 | — | 0.01 | Jun 10, 2022 | Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. | |||
| CVE-2022-29017 | 0.00 | — | 0.01 | May 16, 2022 | Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. | |||
| CVE-2022-27607 | 0.00 | — | 0.01 | Mar 21, 2022 | Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531. | |||
| CVE-2021-32265 | 0.00 | — | 0.02 | Sep 20, 2021 | An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure. | |||
| CVE-2020-23334 | 0.00 | — | 0.01 | Aug 17, 2021 | A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault. | |||
| CVE-2020-23333 | 0.00 | — | 0.01 | Aug 17, 2021 | A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS). | |||
| CVE-2020-23331 | 0.00 | — | 0.01 | Aug 17, 2021 | An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | |||
| CVE-2020-23332 | 0.00 | — | 0.01 | Aug 17, 2021 | A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS). | |||
| CVE-2020-21066 | 0.00 | — | 0.01 | Aug 13, 2021 | An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac. | |||
| CVE-2021-35307 | 0.00 | — | 0.01 | Aug 5, 2021 | An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | |||
| CVE-2020-19722 | 0.00 | — | 0.01 | Jul 13, 2021 | An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS). | |||
| CVE-2020-19720 | 0.00 | — | 0.01 | Jul 13, 2021 | An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). | |||
| CVE-2020-19718 | 0.00 | — | 0.01 | Jul 13, 2021 | An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS). | |||
| CVE-2020-23912 | 0.00 | — | 0.01 | Apr 21, 2021 | An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service. | |||
| CVE-2019-20090 | 0.00 | — | 0.01 | Dec 30, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp. | |||
| CVE-2019-20091 | 0.00 | — | 0.01 | Dec 30, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp. | |||
| CVE-2019-20092 | 0.00 | — | 0.01 | Dec 30, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. | |||
| CVE-2019-17529 | 0.00 | — | 0.01 | Oct 12, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp. | |||
| CVE-2019-17530 | 0.00 | — | 0.01 | Oct 12, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in… | |||
| CVE-2019-17452 | 0.00 | — | 0.01 | Oct 10, 2019 | Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump. | |||
| CVE-2019-17453 | 0.00 | — | 0.01 | Oct 10, 2019 | Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact. | |||
| CVE-2019-16349 | 0.00 | — | 0.01 | Sep 16, 2019 | Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. | |||
| CVE-2019-15047 | 0.00 | — | 0.01 | Aug 14, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. | |||
| CVE-2019-15048 | 0.00 | — | 0.01 | Aug 14, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp. | |||
| CVE-2019-15049 | 0.00 | — | 0.01 | Aug 14, 2019 | An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. |
- CVE-2022-41430Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
- CVE-2022-41429Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
- CVE-2022-41428Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.
- CVE-2022-41427Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux.
- CVE-2022-41426Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split.
- CVE-2022-41425Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt.
- CVE-2022-41423Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component.
- CVE-2022-41424Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls.
- CVE-2022-41419Oct 3, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary.
- CVE-2022-41845Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h.
- CVE-2022-41846Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
- CVE-2022-41847Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp.
- CVE-2022-41841Sep 30, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File.
- CVE-2022-40774Sep 18, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
- CVE-2022-40775Sep 18, 2022risk 0.00cvss —epss 0.00
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
- CVE-2022-40738Sep 15, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write.
- CVE-2022-40736Sep 15, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp.
- CVE-2022-40737Sep 15, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.
- CVE-2022-40438Sep 14, 2022risk 0.00cvss —epss 0.01
Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
- CVE-2022-40439Sep 14, 2022risk 0.00cvss —epss 0.01
An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
- CVE-2022-35165Aug 18, 2022risk 0.00cvss —epss 0.00
An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.
- CVE-2021-40943Jun 28, 2022risk 0.00cvss —epss 0.01
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS).
- CVE-2021-40941Jun 27, 2022risk 0.00cvss —epss 0.01
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS).
- CVE-2022-31287Jun 10, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.
- CVE-2022-31285Jun 10, 2022risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h.
- CVE-2022-31282Jun 10, 2022risk 0.00cvss —epss 0.01
Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.
- CVE-2022-29017May 16, 2022risk 0.00cvss —epss 0.01
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
- CVE-2022-27607Mar 21, 2022risk 0.00cvss —epss 0.01
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
- CVE-2021-32265Sep 20, 2021risk 0.00cvss —epss 0.02
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.
- CVE-2020-23334Aug 17, 2021risk 0.00cvss —epss 0.01
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
- CVE-2020-23333Aug 17, 2021risk 0.00cvss —epss 0.01
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).
- CVE-2020-23331Aug 17, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
- CVE-2020-23332Aug 17, 2021risk 0.00cvss —epss 0.01
A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS).
- CVE-2020-21066Aug 13, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac.
- CVE-2021-35307Aug 5, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
- CVE-2020-19722Jul 13, 2021risk 0.00cvss —epss 0.01
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS).
- CVE-2020-19720Jul 13, 2021risk 0.00cvss —epss 0.01
An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
- CVE-2020-19718Jul 13, 2021risk 0.00cvss —epss 0.01
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
- CVE-2020-23912Apr 21, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
- CVE-2019-20090Dec 30, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
- CVE-2019-20091Dec 30, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.
- CVE-2019-20092Dec 30, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.
- CVE-2019-17529Oct 12, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
- CVE-2019-17530Oct 12, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in…
- CVE-2019-17452Oct 10, 2019risk 0.00cvss —epss 0.01
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.
- CVE-2019-17453Oct 10, 2019risk 0.00cvss —epss 0.01
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
- CVE-2019-16349Sep 16, 2019risk 0.00cvss —epss 0.01
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
- CVE-2019-15047Aug 14, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
- CVE-2019-15048Aug 14, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
- CVE-2019-15049Aug 14, 2019risk 0.00cvss —epss 0.01
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
Page 3 of 4