Unrated severityOSV Advisory· Published Jan 1, 2019· Updated Aug 5, 2024

CVE-2018-20652

Description

An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which leads to an out-of-memory exception.

Affected products

Syoyo/TinyexrOSV2 versions
v0.9.0, v0.9.5+ 1 more
- (no CPE)range: v0.9.0, v0.9.5
- (no CPE)range: <= 0.9.5

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/syoyo/tinyexr/issues/104mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000