Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 2.5.4. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.

Source

Severity Low

Remote No

Type Denial of service

Description

There's a flaw in OpenEXR's Scanline API functionality in versions before 2.5.4. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.

AVG-1746 openexr 2.5.3-6 2.5.4-1 Low Fixed

https://bugzilla.redhat.com/show_bug.cgi?id=1939149
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25370
https://github.com/AcademySoftwareFoundation/openexr/pull/830
https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c
https://github.com/AcademySoftwareFoundation/openexr/commit/0c2b46f630a3b5f2f561c2849d047ee39f899179

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect