CVE-2023-29575
https://notcve.org/view.php?id=CVE-2023-29575
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. • https://github.com/axiomatic-systems/Bento4/issues/842 https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42aac/readme.md • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-29573
https://notcve.org/view.php?id=CVE-2023-29573
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. • https://github.com/axiomatic-systems/Bento4/issues/840 https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4info/readme.md • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2023-29574
https://notcve.org/view.php?id=CVE-2023-29574
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. • https://github.com/axiomatic-systems/Bento4/issues/841 https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42avc/readme.md •
CVE-2023-29576
https://notcve.org/view.php?id=CVE-2023-29576
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. • https://github.com/axiomatic-systems/Bento4/issues/844 https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp4decrypt/sigv/readme.md • CWE-125: Out-of-bounds Read •
CVE-2022-4584 – Axiomatic Bento4 mp42aac heap-based overflow
https://notcve.org/view.php?id=CVE-2022-4584
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. This issue affects some unknown functionality of the mp42aac component. The manipulation leads to a heap-based buffer overflow. The attack may be launched remotely. • https://github.com/axiomatic-systems/Bento4/files/10095915/POC2.tar.gz https://github.com/axiomatic-systems/Bento4/issues/818 https://vuldb.com/?ctiid.216170 https://vuldb.com/?id.216170 • CWE-122: Heap-based Buffer Overflow •