Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-26945

Опубликовано: 08 июн. 2021
Источник: debian

Описание

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
openexrfixed3.1.5-2package

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1947591

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31221

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31228

  • https://github.com/AcademySoftwareFoundation/openexr/pull/930

  • https://github.com/AcademySoftwareFoundation/openexr/commit/2f01a253db2bc82724405a16c76783c38c67ba05 (v3.0.0-beta)

  • Only affects exrcheck, which isn't built into the binary packages

Связанные уязвимости

ubuntu логотип

CVE-2021-26945

CVSS3: 5.5
ubuntu
больше 4 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

redhat логотип

CVE-2021-26945

CVSS3: 5.5
redhat
почти 5 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

nvd логотип

CVE-2021-26945

CVSS3: 5.5
nvd
больше 4 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

github логотип

GHSA-h5g9-4xw7-698r

CVSS3: 5.5
github
больше 3 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.