CVE-2020-6148 HIGH

CVE-2020-6148

Vendor N/A
Product Pixar
Weakness CWE-122
Published November 13, 2020
Last update August 4, 2024

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow.

Key dates

02Disclosure timeline

November 13, 2020 CVE published
August 4, 2024 Record updated