Home > Vulnerability Database > CVE-2022-3668

Mend.io Vulnerability Database

CVE-2022-3668

Date: October 25, 2022

A vulnerability has been found in Axiomatic Bento4 and classified as problematic. This vulnerability affects the function AP4_AtomFactory::CreateAtomFromStream of the component mp4edit. The manipulation leads to memory leak. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212008.

Language: C++

Severity Score

5.3

Related Resources (5)

Url: https://vuldb.com/?id.212008

Url: https://github.com/axiomatic-systems/Bento4/files/9640968/Bug_1_POC.zip

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-3668

Url: https://github.com/axiomatic-systems/Bento4/issues/776

Url: https://www.mend.io/vulnerability-database/CVE-2022-3668

Severity Score

5.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Missing Release of Memory after Effective Lifetime

CWE-401

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2022-3668

Date: October 25, 2022

Language: C++

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?