CVE-2021-3479

Uncontrolled Resource Consumption in conan/openexr

Identifiers

CVE-2021-3479

Package Slug

conan/openexr

Vulnerability

Uncontrolled Resource Consumption

Description

There's a flaw in OpenEXR's Scanline API functionality . An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.

Affected Versions

All versions before 2.4.3, all versions starting from 2.5.0 before 2.5.4

Solution

Upgrade to version 2.5.4 or above.

Last Modified

2021-04-06

source