CVE-2023-33717

Name of the Vulnerable Software and Affected Versions mp4v2 version 2.1.3

Description The issue is related to a memory leak in the mp4v2 library when a method calling MP4File::ReadBytes() allocates memory but does not catch exceptions thrown by ReadBytes(). This can lead to a denial of service.

Recommendations For mp4v2 version 2.1.3, consider implementing exception handling for the ReadBytes() method to prevent memory leaks. As a temporary workaround, review code that allocates memory and ensure proper exception handling to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.