In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
Max CVSS
6.5
EPSS Score
0.06%
Published
2024-01-12
Updated
2024-02-05
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
Max CVSS
6.5
EPSS Score
1.79%
Published
2021-02-23
Updated
2022-09-30
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.21%
Published
2016-01-29
Updated
2016-12-03
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
Max CVSS
4.3
EPSS Score
0.40%
Published
2016-01-29
Updated
2017-01-20
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
Max CVSS
9.6
EPSS Score
0.83%
Published
2016-01-29
Updated
2017-01-20
5 vulnerabilities found