Derekxcop

#7550of 53,624
36.4Total CVSS
Vulnerabilities · 5
Medium
2
High
3
PT-2022-23548
5.5
2022-10-26
Axiomatic · Bento4 · CVE-2022-3668
**Name of the Vulnerable Software and Affected Versions** Axiomatic Bento4 (affected versions not specified) **Description** A memory leak issue has been discovered, affecting the `AP4 AtomFactory::CreateAtomFromStream` function of the `mp4edit` component. This issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-23557
5.5
2022-10-26
Axiomatic · Bento4 · CVE-2022-3669
**Name of the Vulnerable Software and Affected Versions** Axiomatic Bento4 (affected versions not specified) **Description** A memory leak issue was found in the function `AP4 AvccAtom::Create` of the `mp4edit` component. This issue can be exploited remotely, leading to potential security risks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-23566
7.8
2022-10-26
Axiomatic · Bento4 · CVE-2022-3670
**Name of the Vulnerable Software and Affected Versions** Axiomatic Bento4 (affected versions not specified) **Description** A critical issue has been found, classified as a heap-based buffer overflow. This occurs in the `WriteSample` function of the `mp42hevc` component. The issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-25862
8.8
2022-10-03
Bento4 · Bento4 · CVE-2022-41428
**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0-639 **Description** A heap overflow issue was discovered in the AP4 BitReader::ReadBits function within the mp4mux component of Bento4. **Recommendations** For Bento4 version 1.6.0-639, consider restricting access to the mp4mux component until a patch is available. As a temporary workaround, avoid using the AP4 BitReader::ReadBits function to minimize the risk of exploitation.
PT-2022-25864
8.8
2022-10-03
Bento4 · Bento4 · CVE-2022-41430
**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.6.0-639 **Description** A heap overflow issue was discovered in the AP4 BitReader::ReadBit function within the mp4mux component of Bento4. This issue can be exploited via the `AP4 BitReader::ReadBit` function. **Recommendations** For Bento4 version 1.6.0-639, consider applying a patch or fix that addresses the heap overflow issue in the `AP4 BitReader::ReadBit` function, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.