CVE-2021-3478

Uncontrolled Resource Consumption in conan/openexr

Identifiers

CVE-2021-3478

Package Slug

conan/openexr

Vulnerability

Uncontrolled Resource Consumption

Description

There's a flaw in OpenEXR's scanline input file functionality . An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.

Affected Versions

All versions before 2.4.3, all versions starting from 2.5.0 before 2.5.4

Solution

Upgrade to version 2.5.4 or above.

Last Modified

2021-04-06

source