CVE-2025-25945 Information

Description

An issue in Bento4 v1.6.0-641 allows an attacker to obtain sensitive information via the the Mp4Fragment.cpp and in AP4_DescriptorFactory::CreateDescriptorFromStream at Ap4DescriptorFactory.cpp.

Reference

https://github.com/axiomatic-systems/Bento4/issues/993