QwikSec

Security Database

CVE

CWE

Training

CVE-2023-5841

Published: Feb 1, 2024

Modified: Nov 4, 2025

PUBLISHED

Description

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.

Vendor	Product	Versions
Academy Software Foundation	OpenEXR	affected `0 - <= 3.2.1` unaffected `3.2.2` unaffected `3.1.12`

Weaknesses (CWE)

References

https://takeonme.org/cves/CVE-2023-5841.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/LSB6DB5LAKGPLRXEF5HDNGUMT7GIFT2C/

https://lists.fedoraproject.org/archives/list/[email protected]/message/XWMINVKQLSUHECXBSQMZFCSDRIHFOJJI/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.