CVE-2025-59731

Published: Oct 6, 2025

Modified: Feb 26, 2026

PUBLISHED

Description

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size. We recommend upgrading to version 8.0 or beyond.

Vendor	Product	Versions
FFmpeg	FFmpeg	affected `9a32b863074ed4140141e0d3613905c6f1fe61c5 - < 8.0` affected `7.1.1 - < 8.0`

Weaknesses (CWE)

CWE-787

References

https://issuetracker.google.com/436510153

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-59731

Description

Affected Products

Weaknesses (CWE)

References