Matroska-Org/libebml

Matroska-Org/libebml

Releases44

Frequency3 months 3 weeks

Last Release over 2 years ago

Stars162

a C++ library to parse EBML files

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-52339 ↗	Jan 12, 2024Friday, 12 January 2024, 02:15	6.5 MEDIUM	—
In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
CVE-2021-3405 ↗	Feb 23, 2021Tuesday, 23 February 2021, 20:15	6.5 MEDIUM	4.3 MEDIUM
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
CVE-2019-13615 ↗	Jul 16, 2019Tuesday, 16 July 2019, 17:15	—	4.3 MEDIUM
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
CVE-2015-8791 ↗	Jan 29, 2016Friday, 29 January 2016, 19:59	—	4.3 MEDIUM
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
CVE-2015-8790 ↗	Jan 29, 2016Friday, 29 January 2016, 19:59	—	4.3 MEDIUM
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
CVE-2015-8789 ↗	Jan 29, 2016Friday, 29 January 2016, 19:59	—	9.3 HIGH
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.