Vulnerabilities > Openexr > Openexr > 3.1.3

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-5841 Out-of-bounds Write vulnerability in Openexr
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability.
network
low complexity
openexr CWE-787
critical
 9.1
9.1
2022-01-01 CVE-2021-45942 Out-of-bounds Write vulnerability in multiple products
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).
local
low complexity
openexr fedoraproject debian CWE-787
5.5
5.5