Monday, July 12, 2021

Debian: CVE-2021-3598: openexr -- security update

Description
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Solution(s)
  • debian-upgrade-openexr


  • References
  • https://attackerkb.com/topics/cve-2021-3598
  • CVE - 2021-3598
  • DLA-2701-1




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated