What the vulnerability does

01Description

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

Key dates

02Disclosure timeline

March 30, 2021 CVE published
August 3, 2024 Record updated