CVE-2025-8537 | Axiomatic Bento4 up to 1.6.0-641 mp4decrypt Mp4Decrypt.cpp SetDataSize allocation of resources (Issue 1037)

Inserito da Angelo Barbosa | Ago 4, 2025 | CVE

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources.

This vulnerability is traded as CVE-2025-8537. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-8537 | Axiomatic Bento4 up to 1.6.0-641 mp4decrypt Mp4Decrypt.cpp SetDataSize allocation of resources (Issue 1037)

Post correlati

CVE-2024-13639 | edmonparker Read More & Accordion Plugin up to 3.4.2 on WordPress expmDeleteData authorization

CVE-2025-26361 | Nozomi Q-Free MaxTime up to 2.11.0 HTTP routes.lua missing authentication

CVE-2024-10218 | TIBCO Hawk/Operational Intelligence Monitoring Archive Utility mar.jar cross site scripting

CVE-2024-39405 | Adobe Commerce/Magento Open Source up to 2.4.4-p9/2.4.5-p8/2.4.6-p6/2.4.7-p1 improper authorization (apsb24-61)