CVE-2021-3598
Improper Restriction of Operations within the Bounds of a Memory Buffer in conan/openexr
Identifiers
CVE-2021-3598
Package Slug
conan/openexr
Vulnerability
Improper Restriction of Operations within the Bounds of a Memory Buffer
Description
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Affected Versions
All versions before 3.0.5
Solution
Upgrade to version 3.1.4 or above.
Last Modified
2021-07-12
| source |