CVE-2021-26945

Опубликовано: 08 июн. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1947591
Issue Tracking
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1947591
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*

Версия до 3.0.1 (исключая)

EPSS

Процентиль: 49%

0.00256

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-400

CWE-190

Связанные уязвимости

CVE-2021-26945

CVSS3: 5.5

ubuntu

больше 4 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

CVE-2021-26945

CVSS3: 5.5

redhat

почти 5 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

CVE-2021-26945

CVSS3: 5.5

debian

больше 4 лет назад

An integer overflow leading to a heap-buffer overflow was found in Ope ...

GHSA-h5g9-4xw7-698r

CVSS3: 5.5

github

больше 3 лет назад

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

EPSS

Процентиль: 49%

0.00256

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-400

CWE-190