CVE-2025-48073

Published: 31 Jul. 2025
Source: redhat
CVSS3: 3.3
EPSS: Low

Description

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. This is fixed in version 3.3.3.

A NULL pointer dereference flaw was found in OpenEXR. When reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | openexr | Not affected | | |
| Red Hat Enterprise Linux 6 | ilmbase | Not affected | | |
| Red Hat Enterprise Linux 6 | OpenEXR | Not affected | | |
| Red Hat Enterprise Linux 7 | ilmbase | Not affected | | |
| Red Hat Enterprise Linux 7 | OpenEXR | Not affected | | |
| Red Hat Enterprise Linux 8 | ilmbase | Not affected | | |
| Red Hat Enterprise Linux 8 | OpenEXR | Not affected | | |
| Red Hat Enterprise Linux 9 | openexr | Not affected | | |

Additional information

Status: Low
Defect: CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=2385867 - openexr: OpenEXR NULL pointer dereference

EPSS: 0.00048 (percentile: 15%), Low

CVSS3: 3.3 Low

Related vulnerabilities

CVSS3: 6.2
ubuntu
8 months ago

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. This is fixed in version 3.3.3.

CVSS3: 6.2
nvd
8 мСсяцСв Π½Π°Π·Π°Π΄

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. This is fixed in version 3.3.3.

CVSS3: 6.2
debian
8 мСсяцСв Π½Π°Π·Π°Π΄

OpenEXR provides the specification and reference implementation of the ...

github
8 мСсяцСв Π½Π°Π·Π°Π΄

OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode
