Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid
Uncontrolled Resource Consumption
Uncontrolled Resource Consumption
-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| debian/openexr | deb | debian | 12 | >=3.1.5-5 | Not yet available |
| debian/openexr | deb | debian | 11 | >=2.5.4-2+deb11u1 | Not yet available |
| debian/openexr | deb | debian | 13 | >=3.1.5-5.1 | Not yet available |
| debian/openexr | deb | debian | unstable | >=3.1.5-5.1 | Not yet available |
| debian/openexr | deb | debian | 10 | >=2.2.1-4.1+deb10u1 | Not yet available |
Severity and metrics
No CVSS data available from this source.
1.8
1.8
1.8
3.9