Unrated severityNVD Advisory· Published Aug 25, 2021· Updated Aug 3, 2024
CVE-2021-3605
CVE-2021-3605
Description
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- security.gentoo.org/glsa/202210-31mitrevendor-advisory
- www.debian.org/security/2022/dsa-5299mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2022/12/msg00022.htmlmitremailing-list
- bugzilla.redhat.com/show_bug.cgimitre
News mentions
0No linked articles in our index yet.