CVE-2022-3816

Source
https://cve.org/CVERecord?id=CVE-2022-3816
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3816.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-3816
Downstream
Published
2022-11-01T00:00:00Z
Modified
2026-07-08T06:04:02.089591829Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVSS Calculator
Summary
Axiomatic Bento4 mp4decrypt memory leak
Details

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component mp4decrypt. The manipulation leads to memory leak. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212682 is the identifier assigned to this vulnerability.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3816.json",
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-404"
    ]
}
References

Affected packages

Git / github.com/axiomatic-systems/bento4

Affected ranges

Type
GIT
Repo
https://github.com/axiomatic-systems/bento4
Events
Database specific
{
    "cpe": "cpe:2.3:a:axiosys:bento4:1.6.0-639:*:*:*:*:*:*:*",
    "source": "CPE_STRING",
    "extracted_events": [
        {
            "introduced": "1.6.0-639"
        },
        {
            "last_affected": "1.6.0-639"
        }
    ]
}

Affected versions

1.*
1.6.0-639
v1.*
v1.6.0-639

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3816.json"