Home > Vulnerability Database > CVE-2022-3669

Mend.io Vulnerability Database

CVE-2022-3669

Date: October 25, 2022

A vulnerability was found in Axiomatic Bento4 and classified as problematic. This issue affects the function AP4_AvccAtom::Create of the component mp4edit. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212009 was assigned to this vulnerability.

Language: C++

Severity Score

5.3

Related Resources (5)

Url: https://vuldb.com/?id.212009

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-3669

Url: https://github.com/axiomatic-systems/Bento4/files/9675042/Bug_2_POC.zip

Url: https://github.com/axiomatic-systems/Bento4/issues/776

Url: https://www.mend.io/vulnerability-database/CVE-2022-3669

Severity Score

5.3

Weakness Type (CWE)

Improper Resource Shutdown or Release

CWE-404

Missing Release of Memory after Effective Lifetime

CWE-401

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2022-3669

Date: October 25, 2022

Language: C++

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?