CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-33720
https://notcve.org/view.php?id=CVE-2023-33720
mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty. • https://github.com/enzo1982/mp4v2/issues/36 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1451 – MP4v2 mp4track.cpp GetSampleFileOffset denial of service
https://notcve.org/view.php?id=CVE-2023-1451
A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the file mp4track.cpp. The manipulation leads to denial of service. An attack has to be approached locally. • https://github.com/RichTrouble/mp4v2_mp4track_poc https://github.com/RichTrouble/mp4v2_mp4track_poc/blob/main/id_000000%2Csig_08%2Csrc_001076%2Ctime_147809374%2Cexecs_155756872%2Cop_havoc%2Crep_8 https://vuldb.com/?ctiid.223296 https://vuldb.com/?id.223296 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1450 – MP4v2 mp4trackdump.cpp DumpTrack denial of service
https://notcve.org/view.php?id=CVE-2023-1450
A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. • https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc https://github.com/10cksYiqiyinHangzhouTechnology/mp4v2_trackdump_poc/blob/main/id_000005%2Csig_08%2Csrc_000166%2B000357%2Ctime_3137250%2Cexecs_3545598%2Cop_splice%2Crep_16 https://vuldb.com/?ctiid.223295 https://vuldb.com/?id.223295 • CWE-404: Improper Resource Shutdown or Release •