Описание
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Отчет
The versions of OpenEXR shipped with Red Hat Enterprise Linux 6, 7, and 8 are not affected by this flaw as the affected code was introduced in a newer version of OpenEXR.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | OpenEXR | Not affected | ||
| Red Hat Enterprise Linux 7 | OpenEXR | Not affected | ||
| Red Hat Enterprise Linux 8 | mingw-OpenEXR | Not affected | ||
| Red Hat Enterprise Linux 8 | OpenEXR | Not affected | ||
| Red Hat Enterprise Linux 9 | OpenEXR | Not affected |
Показывать по
Дополнительная информация
Статус:
6.2 Medium
CVSS3
Связанные уязвимости
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Уязвимость функции DeepScanLineInputFile::DeepScanLineInputFile() программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с использованием памяти после её освобождения, позволяющая нарушителю вызвать отказ в обслуживании
6.2 Medium
CVSS3