What the vulnerability does

01Description

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

Key dates

02Disclosure timeline

June 8, 2021 CVE published
August 3, 2024 Record updated