Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-3598

Опубликовано: 06 июл. 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 2.1
CVSS3: 5.5

Описание

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

РелизСтатусПримечание
bionic

released

2.2.0-11.1ubuntu1.7
devel

not-affected

2.5.7-1
esm-apps/focal

released

2.3.0-6ubuntu0.5+esm1
esm-apps/jammy

not-affected

2.5.7-1
esm-apps/noble

not-affected

2.5.7-1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

2.2.0-11.1ubuntu1.7
esm-infra/xenial

released

2.2.0-10ubuntu2.6+esm1
focal

ignored

end of standard support, was needed
groovy

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 37%
0.00162
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-3598

CVSS3: 5.5
redhat
больше 4 лет назад

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

nvd логотип

CVE-2021-3598

CVSS3: 5.5
nvd
больше 4 лет назад

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

debian логотип

CVE-2021-3598

CVSS3: 5.5
debian
больше 4 лет назад

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in ...

github логотип

GHSA-fg32-5982-62p3

CVSS3: 5.5
github
больше 3 лет назад

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

fstec логотип

BDU:2021-04485

CVSS3: 5.5
fstec
больше 4 лет назад

Уязвимость функции ImfDeepScanLineInputFile() библиотеки OpenEXR, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 37%
0.00162
Низкий

2.1 Low

CVSS2

5.5 Medium

CVSS3