OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < f892165c564e3aab272948dbb556cc20e290c55a |
| n/a | n/a | 0.1 |