Unrated severityNVD Advisory· Published Feb 1, 2024· Updated Nov 4, 2025
OpenEXR Heap Overflow in Scanline Deep Data Parsing
CVE-2023-5841
Description
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2.2 and v3.1.12 of the affected library.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versions
< 3.1.1-2.el9_4.1+ 2 more
- (no CPE)range: < 3.1.1-2.el9_4.1
- (no CPE)range: < 3.1.1-2.el9_4.1
- (no CPE)range: < 3.1.1-2.el9_4.1
- Academy Software Foundation/OpenEXRv5Range: 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.