Medium severity · NVD Advisory · Published Oct 6, 2025 · Updated Apr 15, 2026
CVE-2025-59731
Description
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data.
We read rle_raw_size from the input file at [0], we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size at [1], and then at [2] we will access entries in this buffer up to (td->xsize - 1) * (td->ysize - 1) + rle_raw_size / 2, which may exceed rle_raw_size.
We recommend upgrading to version 8.0 or beyond.
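The bound from the description, written as a check a decoder could run before trusting the file-supplied length. This is an added example, not FFmpeg's code or its patch; the function names are hypothetical, and it assumes the stated expression is the highest buffer index read (inclusive).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Highest RLE-buffer index named in the advisory:
 *   (xsize - 1) * (ysize - 1) + rle_raw_size / 2
 * Computed in 64 bits; returns false if the sum would wrap. */
static bool dwa_rle_max_index(uint32_t xsize, uint32_t ysize,
                              uint64_t rle_raw_size, uint64_t *out)
{
    if (xsize == 0 || ysize == 0)
        return false;
    /* Product of two values below 2^32 always fits in uint64_t. */
    uint64_t span = (uint64_t)(xsize - 1) * (uint64_t)(ysize - 1);
    uint64_t half = rle_raw_size / 2;
    if (span > UINT64_MAX - half)
        return false;
    *out = span + half;
    return true;
}

/* Hypothetical pre-decode check: accept the file-supplied rle_raw_size
 * only if every index the decoder will touch lies inside the buffer.
 * Assumption: the advisory's bound is the highest index read (inclusive). */
static bool dwa_rle_size_is_safe(uint32_t xsize, uint32_t ysize,
                                 uint64_t rle_raw_size)
{
    uint64_t max_index;
    if (rle_raw_size == 0)
        return false;
    if (!dwa_rle_max_index(xsize, ysize, rle_raw_size, &max_index))
        return false;
    return max_index < rle_raw_size;
}

int main(void)
{
    /* Constructed header values, not taken from any real file. */
    struct { uint32_t x, y; uint64_t raw; } cases[] = {
        { 4, 4, 8 },   /* claims 8 entries, decoder would reach index 13 */
        { 4, 4, 32 },  /* highest index 25 fits in 32 entries */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%ux%u rle_raw_size=%llu -> %s\n", cases[i].x, cases[i].y,
               (unsigned long long)cases[i].raw,
               dwa_rle_size_is_safe(cases[i].x, cases[i].y, cases[i].raw)
                   ? "accept" : "reject");
    return 0;
}
```

Because half of `rle_raw_size` is added to the index, the declared length has to exceed roughly twice `(xsize - 1) * (ysize - 1)` before the check passes.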
Affected products
osv-coords, 48 packages, each with range: < 7.1.2-r0 (no CPE)
- pkg:apk/chainguard/ffmpeg-7.1-dev
- pkg:apk/chainguard/ffmpeg-7.1-doc
- pkg:apk/chainguard/ffmpeg-7.1-libavcodec61
- pkg:apk/chainguard/ffmpeg-7.1-libavdevice61
- pkg:apk/chainguard/ffmpeg-7.1-libavfilter10
- pkg:apk/chainguard/ffmpeg-7.1-libavformat61
- pkg:apk/chainguard/ffmpeg-7.1-libavutil59
- pkg:apk/chainguard/ffmpeg-7.1-libpostproc58
- pkg:apk/chainguard/ffmpeg-7.1-libswresample5
- pkg:apk/chainguard/ffmpeg-7.1-libswscale8
- pkg:apk/chainguard/ffmpeg-7.1-qt-faststart
- pkg:apk/chainguard/ffmpeg-7.1-static
- pkg:apk/chainguard/ffmpeg-7-dev
- pkg:apk/chainguard/ffmpeg-7-doc
- pkg:apk/chainguard/ffmpeg-7-libavcodec61
- pkg:apk/chainguard/ffmpeg-7-libavdevice61
- pkg:apk/chainguard/ffmpeg-7-libavfilter10
- pkg:apk/chainguard/ffmpeg-7-libavformat61
- pkg:apk/chainguard/ffmpeg-7-libavutil59
- pkg:apk/chainguard/ffmpeg-7-libpostproc58
- pkg:apk/chainguard/ffmpeg-7-libswresample5
- pkg:apk/chainguard/ffmpeg-7-libswscale8
- pkg:apk/chainguard/ffmpeg-7-qt-faststart
- pkg:apk/chainguard/ffmpeg-7-static
- pkg:apk/wolfi/ffmpeg-7.1-dev
- pkg:apk/wolfi/ffmpeg-7.1-doc
- pkg:apk/wolfi/ffmpeg-7.1-libavcodec61
- pkg:apk/wolfi/ffmpeg-7.1-libavdevice61
- pkg:apk/wolfi/ffmpeg-7.1-libavfilter10
- pkg:apk/wolfi/ffmpeg-7.1-libavformat61
- pkg:apk/wolfi/ffmpeg-7.1-libavutil59
- pkg:apk/wolfi/ffmpeg-7.1-libpostproc58
- pkg:apk/wolfi/ffmpeg-7.1-libswresample5
- pkg:apk/wolfi/ffmpeg-7.1-libswscale8
- pkg:apk/wolfi/ffmpeg-7.1-qt-faststart
- pkg:apk/wolfi/ffmpeg-7.1-static
- pkg:apk/wolfi/ffmpeg-7-dev
- pkg:apk/wolfi/ffmpeg-7-doc
- pkg:apk/wolfi/ffmpeg-7-libavcodec61
- pkg:apk/wolfi/ffmpeg-7-libavdevice61
- pkg:apk/wolfi/ffmpeg-7-libavfilter10
- pkg:apk/wolfi/ffmpeg-7-libavformat61
- pkg:apk/wolfi/ffmpeg-7-libavutil59
- pkg:apk/wolfi/ffmpeg-7-libpostproc58
- pkg:apk/wolfi/ffmpeg-7-libswresample5
- pkg:apk/wolfi/ffmpeg-7-libswscale8
- pkg:apk/wolfi/ffmpeg-7-qt-faststart
- pkg:apk/wolfi/ffmpeg-7-static