CVE-2020-11760

Опубликовано: 14 апр. 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
openexr	fixed	2.5.0-1	experimental	package
openexr	fixed	2.5.3-2		package
openexr	no-dsa		jessie	package

Примечания

https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
https://github.com/AcademySoftwareFoundation/openexr/commit/37750013830def57f19f3c3b7faaa9fc1dae81b3

EPSS

Процентиль: 70%

0.00642

Низкий

Связанные уязвимости

CVE-2020-11760

CVSS3: 5.5

ubuntu

почти 6 лет назад

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

CVE-2020-11760

CVSS3: 5.5

redhat

почти 6 лет назад

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

CVE-2020-11760

CVSS3: 5.5

nvd

почти 6 лет назад

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

GHSA-hjj6-gq2r-v84q

CVSS3: 5.5

github

больше 3 лет назад

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

BDU:2021-03610

CVSS3: 6.5

fstec

почти 6 лет назад

Уязвимость программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 70%

0.00642

Низкий