Mp4v2_project Mp4v2
10 CVEs affecting Mp4v2_project Mp4v2. Latest disclosed: 2023-06-02. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-33718 | High | 8.8 | 2023-05-31 | mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp |
CVE-2023-29578 | High | 8.8 | 2023-04-24 | mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp. |
CVE-2023-29584 | High | 8.8 | 2023-04-14 | mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp. |
CVE-2018-7339 | High | 8.8 | 2018-02-23 | The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a… |
CVE-2023-33720 | Medium | 6.5 | 2023-05-26 | mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty. |
CVE-2018-17236 | Medium | 6.5 | 2018-09-20 | The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally calls free() on a invalid pointer, raising a SIGABRT signal. |
CVE-2018-17235 | Medium | 6.5 | 2018-09-20 | The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads… |
CVE-2023-33717 | Medium | 5.5 | 2023-06-02 | mp4v2 v2.1.3 was discovered to contain a memory leak when a method calling MP4File::ReadBytes() had allocated memory but did not catch exceptions thrown by Rea… |
CVE-2023-1451 | Low | 3.3 | 2023-03-17 | A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFileOffset of the fil… |
CVE-2023-1450 | Low | 3.3 | 2023-03-17 | A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulatio… |