CNNVD-202508-324 Information
Aug 05, 2025
cve
CNNVD ID
CNNVD-202508-324
Related CVE
- CNNVD Published: 2025-08-05
Description (Chinese)
Bento4是Axiomatic Systems开源的一款用于读写MP4文件的开源的C++库。 Bento4 6.0-641及之前版本存在安全漏洞,该漏洞源于文件Mp4Decrypt.cpp中函数AP4_DataBuffer::SetDataSize存在资源分配问题。
Description (English)
Bento4 is an open-source C++ library for reading and writing MP4 files. There is a security loophole in Bento4 6.0-641 and earlier versions, which stems from the problem of resource allocation for function AP4 DataBuffer:SetDataSize in document Mp4Decrypt.cpp.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Axiomatic Systems
Published
2025-08-05
Last Modified
2026-02-24
References
https://github.com/axiomatic-systems/Bento4/issues/1037 https://vuldb.com/?ctiid.318666 https://vuldb.com/?id.318666 https://drive.google.com/file/d/1AkRpx3wcMy3Ic9tQeQyRJybBipK72aQO/view?usp=drive_link https://vuldb.com/?submit.619602
Share on: