CVE-2022-3815: Axiomatic Bento4 mp4decrypt memory leak
First published: Tue Nov 01 2022(Updated: )
A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212681 was assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Axiosys Bento4 | =1.6.0-639 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-3815?
CVE-2022-3815 is a vulnerability found in Axiomatic Bento4 that allows for remote initiation of an attack and can result in a memory leak through the mp4decrypt component.
How severe is CVE-2022-3815?
CVE-2022-3815 is classified as a medium severity vulnerability with a severity value of 6.5.
What is affected by CVE-2022-3815?
Axiomatic Bento4 version 1.6.0-639 is affected by CVE-2022-3815.
How can CVE-2022-3815 be exploited?
CVE-2022-3815 can be exploited remotely by manipulating the mp4decrypt component, leading to a memory leak.
Is there a fix available for CVE-2022-3815?
At the time of writing, there is no known fix available for CVE-2022-3815. It is recommended to follow the recommendations provided by the vendor or the official sources.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/last-modified-date
- agent/title
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/axiosys
- canonical/axiosys bento4
- version/axiosys bento4/1.6.0-639