Lucene search

K

GoogleOSV:CVE-2021-3475

HistoryMar 30, 2021 - 6:15 p.m.

CVE-2021-3475

2021-03-3018:15:18

Google

osv.dev

14

openexr

integer overflow

application availability

cve-2021-3475

AI Score

6.5

Confidence

High

EPSS

0.002

Percentile

52.7%

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

References

bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297

bugzilla.redhat.com/show_bug.cgi?id=1939144

lists.debian.org/debian-lts-announce/2021/07/msg00001.html

lists.debian.org/debian-lts-announce/2022/12/msg00022.html

security.gentoo.org/glsa/202107-27

AI Score

6.5

Confidence

High

EPSS

0.002

Percentile

52.7%

Related for OSV:CVE-2021-3475

alpinelinux1 nvd1 prion1 ubuntucve1 debiancve1 redhatcve1 cvelist1 veracode1 cve1 openvas9 nessus14 suse1 amazon1 cloudfoundry1 osv3 ubuntu1 rosalinux1 freebsd1 debian2 mageia1 gentoo1