CVE-2024-30809

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
02/04/2024
Last modified:
27/05/2025

Description

An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap-use-after-free in Ap4Sample.h in AP4_Sample::GetOffset() const, leading to a Denial of Service (DoS), as demonstrated by mp42ts.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:axiosys:bento4:1.6.0-641:*:*:*:*:*:*:*