CVE-2024-37017

Name of the Vulnerable Software and Affected Versions asdcplib versions 2.13.1

Description The issue is a heap-based buffer over-read in the ASDCP::TimedText::MXFReader::h Reader::MD to TimedText TDesc function, located in AS DCP TimedText.cpp within the libasdcp.so library.

Recommendations For asdcplib version 2.13.1, at the moment, there is no information about a newer version that contains a fix for this issue.