CRITICAL🇵🇱 Wersja polska

CVE-2023-5841

CVSS 9.1v3.1pub. 2024-02-01upd. 2025-11-04

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • Openexr

    APP
    Openexr
    ≤ 3.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2026-45696HIGH8.3ten sam produkt

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion ...

CVE-2026-41142HIGH8.8ten sam produkt

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage forma...

CVE-2026-42216HIGH8.8ten sam produkt

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage forma...

CVE-2026-40244HIGH8.4ten sam produkt

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage forma...

CVE-2026-40250HIGH8.4ten sam produkt

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage forma...