CVE-2025-8537 | Axiomatic Bento4 up to 1.6.0-641 mp4decrypt Mp4Decrypt.cpp SetDataSize allocation of resources (Issue 1037)

A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources.

This vulnerability is traded as CVE-2025-8537. It is possible to launch the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More