exploitDog

GHSA-x57g-x9fg-576h

Опубликовано: 29 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

Ссылки

EPSS

Процентиль: 69%

0.00596

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-401

Связанные уязвимости

CVE-2024-24155

CVSS3: 6.5

nvd

почти 2 года назад

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

EPSS

Процентиль: 69%

0.00596

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-401