Vulnerability Database

290,300

Total vulnerabilities in the database

CVE-2024-24155

Bento4 v1.5.1-628 contains a Memory leak on AP4_Movie::AP4_Movie, parsing tracks and added into m_Tracks list, but mp42aac cannot correctly delete when we got an no audio track found error. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted mp4 file.

  • Published: Feb 29, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2024-24155
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
axiosys / bento4 1.5.1-628 1.5.1-628.x