Описание
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.2.0-11.1ubuntu1.6 |
| devel | not-affected | 2.5.7-1 |
| esm-apps/focal | released | 2.3.0-6ubuntu0.5 |
| esm-apps/jammy | not-affected | 2.5.7-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 2.2.0-11.1ubuntu1.6 |
| esm-infra/xenial | released | 2.2.0-10ubuntu2.6 |
| focal | released | 2.3.0-6ubuntu0.5 |
| groovy | released | 2.5.3-2ubuntu0.2 |
| hirsute | not-affected | 2.5.4-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
There's a flaw in OpenEXR's Scanline API functionality in versions bef ...
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
Уязвимость интерфейса Scanline API библиотеки OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3