Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-20302

Опубликовано: 15 фев. 2021
Источник: redhat
CVSS3: 5.3

Описание

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6OpenEXROut of support scope
Red Hat Enterprise Linux 7OpenEXROut of support scope
Red Hat Enterprise Linux 8gimp:flatpak/OpenEXRFix deferred
Red Hat Enterprise Linux 8OpenEXRFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1939161OpenEXR: Floating-point-exception in Imf_2_5::precalculateTileInfot

5.3 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-20302

CVSS3: 5.5
ubuntu
почти 4 года назад

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.

nvd логотип

CVE-2021-20302

CVSS3: 5.5
nvd
почти 4 года назад

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.

debian логотип

CVE-2021-20302

CVSS3: 5.5
debian
почти 4 года назад

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw ...

github логотип

GHSA-xj9w-76w3-9v9v

CVSS3: 5.5
github
почти 4 года назад

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.

fstec логотип

BDU:2023-01678

CVSS3: 5.3
fstec
больше 5 лет назад

Уязвимость функционала TiledInputFile программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании

5.3 Medium

CVSS3