CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
28.8%
openexr is vulnerable to due Out-of-bounds Write. The vulnerability is due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data. This vulnerability was addressed in versions v3.2.2 and v3.1.12 of the affected library.
lists.fedoraproject.org/archives/list/[email protected]/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/
lists.fedoraproject.org/archives/list/[email protected]/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.19/community.yaml
takeonme.org/cves/CVE-2023-5841.html