« List of all CVEs

CVE-2021-23169

Published: 6/8/2021 Last updated: 8/3/2024 Reserved: 4/22/2021

A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (1)

conf-openimageio

Products affected (1)

Product Vendor Version
OpenEXR n/a 15.3(3)JAB

References (8)