Every CVE whose affected-product data names Mp4v2 Project Mp4v2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2023-29584 — CVSS 8.8 (high): mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.
CVE-2023-29578 — CVSS 8.8 (high): mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at…
CVE-2018-7339 — CVSS 8.8 (high): The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote…
CVE-2023-33718 — CVSS 8.8 (high): mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString() at mp4file_io.cpp
CVE-2018-17236 — CVSS 6.5 (medium): The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally calls free() on a invalid pointer, raising a SIGABRT signal.
CVE-2018-17235 — CVSS 6.5 (medium): The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted…
CVE-2023-33717 — CVSS 5.5 (medium): mp4v2 v2.1.3 was discovered to contain a memory leak when a method calling MP4File::ReadBytes() had allocated memory but did not catch…
CVE-2023-1450 — CVSS 3.3 (low): A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file…
CVE-2023-1451 — CVSS 3.3 (low): A vulnerability was found in MP4v2 2.1.2. It has been classified as problematic. Affected is the function mp4v2::impl::MP4Track::GetSampleFi…