Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: AHA
Published: 2024-02-01T18:28:05.892Z
Updated: 2024-08-02T08:14:24.651Z
Reserved: 2023-10-29T23:41:19.153Z
Link: CVE-2023-5841
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-02-01T19:15:08.097
Modified: 2024-02-26T16:27:49.420
Link: CVE-2023-5841
Redhat