CVE-2022-3812: Axiomatic Bento4 mp4encrypt AP4_ContainerAtom memory leak
First published: Tue Nov 01 2022(Updated: )
A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is the function AP4_ContainerAtom::AP4_ContainerAtom of the component mp4encrypt. The manipulation leads to memory leak. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212678 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| =1.6.0-639 | ||
| Axiosys Bento4 | =1.6.0-639 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-3812?
The severity of CVE-2022-3812 is medium with a CVSS score of 6.5.
How does CVE-2022-3812 affect Axiomatic Bento4?
CVE-2022-3812 affects the function AP4_ContainerAtom::AP4_ContainerAtom of the component mp4encrypt in Axiomatic Bento4, leading to a memory leak.
Is CVE-2022-3812 a remote vulnerability?
Yes, CVE-2022-3812 can be exploited remotely.
Is there a known exploit for CVE-2022-3812?
Yes, a proof-of-concept exploit has been disclosed for CVE-2022-3812.
How can I fix CVE-2022-3812 in Axiomatic Bento4 version 1.6.0-639?
At the moment, there is no official fix available for CVE-2022-3812. It is recommended to stay updated with the latest security advisories and patches for Axiomatic Bento4.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/author
- agent/softwarecombine
- agent/references
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/title
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/axiosys
- canonical/axiosys bento4
- version/axiosys bento4/1.6.0-639