CVE-2021-45942

Out-of-bounds Write in conan/openexr

Identifiers

CVE-2021-45942

Package Slug

conan/openexr

Vulnerability

Out-of-bounds Write

Description

OpenEXR has a heap-based buffer overflow in Imf31::LineCompositeTask::execute (called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Affected Versions

All versions starting from 3.1.0 before 3.1.4

Solution

Upgrade to version 3.1.4 or above.

Last Modified

2022-01-12

source