Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: AHA
Published: 2024-02-01T18:28:05.892Z
Updated: 2024-02-21T23:36:15.206Z
Reserved: 2023-10-29T23:41:19.153Z
Link: CVE-2023-5841
JSON object: View
NVD Information
Status : Modified
Published: 2024-02-01T19:15:08.097
Modified: 2024-02-26T16:27:49.420
Link: CVE-2023-5841
JSON object: View
Redhat Information
No data.