Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-20298

Опубликовано: 15 фев. 2021
Источник: redhat
CVSS3: 7.5

Описание

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6OpenEXROut of support scope
Red Hat Enterprise Linux 7OpenEXROut of support scope
Red Hat Enterprise Linux 8gimp:flatpak/OpenEXRFix deferred
Red Hat Enterprise Linux 8OpenEXRFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1939156OpenEXR: Out-of-memory in B44Compressor

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-20298

CVSS3: 7.5
ubuntu
больше 3 лет назад

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.

nvd логотип

CVE-2021-20298

CVSS3: 7.5
nvd
больше 3 лет назад

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.

debian логотип

CVE-2021-20298

CVSS3: 7.5
debian
больше 3 лет назад

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attac ...

github логотип

GHSA-c8fj-ggrc-c3hc

CVSS3: 7.5
github
больше 3 лет назад

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.

fstec логотип

BDU:2024-07289

CVSS3: 7.5
fstec
больше 5 лет назад

Уязвимость компонента B44Compressor программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании

7.5 High

CVSS3