Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3475

Опубликовано: 30 мар. 2021
Источник: debian

Описание

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
openexrfixed2.5.4-1package

Примечания

  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297

  • https://github.com/AcademySoftwareFoundation/openexr/commit/2a18ed424a854598c2a20b5dd7e782b436a1e753

Связанные уязвимости

ubuntu логотип

CVE-2021-3475

CVSS3: 5.3
ubuntu
почти 5 лет назад

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

redhat логотип

CVE-2021-3475

CVSS3: 5.3
redhat
почти 5 лет назад

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

nvd логотип

CVE-2021-3475

CVSS3: 5.3
nvd
почти 5 лет назад

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

github логотип

GHSA-f6vh-h3m7-7676

CVSS3: 5.3
github
больше 3 лет назад

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

fstec логотип

BDU:2021-01983

CVSS3: 5.3
fstec
больше 5 лет назад

Уязвимость функции calculateNumTiles()(OpenEXR/IlmImf/ImfTiledMisc.cpp) библиотеки OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании