Vulnerability roundup 112: bento4-1.6.0-639: 1 advisory [8.1]

[ckauhaus]

search, files

• [ ] CVE-2022-27607 CVSSv3=8.1 (nixos-21.11, nixos-unstable)

CVE details

CVE-2022-27607

Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.

---

Scanned versions: nixos-21.11: efea022d6fe; nixos-unstable: 710fed5a248.

Cc @makefu

[tomodachi94]

Upstream ticket: https://github.com/axiomatic-systems/Bento4/issues/677