CVE-2021-3476

Integer Overflow or Wraparound in conan/openexr

Identifier

CVE-2021-3476

Package Slug

conan/openexr

Vulnerability

Integer Overflow or Wraparound

Description

A flaw was found in OpenEXR's B44 uncompression functionality. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.

Affected Versions

All versions before 2.5.4

Solution

Upgrade to version 2.5.4 or above.

Last Modified

2021-04-22

source