Bento4 Security Vulnerabilities
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp.
6.5CVSS
6.4AI Score
0.001EPSS
An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.
6.5CVSS
6.5AI Score
0.001EPSS
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write.
6.5CVSS
6.4AI Score
0.001EPSS
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
5.5CVSS
5.4AI Score
0.001EPSS
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
5.5CVSS
5.4AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.001EPSS
5.5CVSS
5.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_Processor::Process function in the mp4encrypt binary.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed function in mp4mux.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux.
8.8CVSS
8.8AI Score
0.002EPSS
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
8.8CVSS
8.8AI Score
0.002EPSS
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
8.8CVSS
8.8AI Score
0.002EPSS
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File.
5.5CVSS
5.4AI Score
0.001EPSS
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h.
5.5CVSS
5.5AI Score
0.001EPSS
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
5.5CVSS
5.5AI Score
0.001EPSS
An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp.
5.5CVSS
5.4AI Score
0.001EPSS
An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.
6.5CVSS
6.4AI Score
0.001EPSS
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts.
6.5CVSS
6.7AI Score
0.001EPSS
An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp.
6.5CVSS
6.4AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.
6.5CVSS
6.6AI Score
0.001EPSS
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to t...
8.8CVSS
8.8AI Score
0.004EPSS
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component.
5.5CVSS
5.5AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component.
5.5CVSS
5.5AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
5.5CVSS
5.5AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
5.5CVSS
5.5AI Score
0.001EPSS
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt.
5.5CVSS
5.5AI Score
0.0004EPSS
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.
6.5CVSS
6.5AI Score
0.0005EPSS
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.
5.5CVSS
5.5AI Score
0.0004EPSS
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_StszAtom::GetSampleSize() function.
5.5CVSS
5.5AI Score
0.0004EPSS
Bento4 v1.6.0-640 was discovered to contain a NULL pointer dereference via the AP4_DescriptorFinder::Test() function.
5.5CVSS
5.5AI Score
0.0004EPSS