CVE-2021-23169

Published: Jun 8, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.

Vendor	Product	Versions
n/a	OpenEXR	affected `OpenEXR 3.0.1`

Weaknesses (CWE)

CWE-787

References

FEDORA-2021-c194de7719

vendor-advisory

FEDORA-2021-6af32bfcd2

vendor-advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1947612

GLSA-202210-31

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-23169

Description

Affected Products

Weaknesses (CWE)

References