What the vulnerability does

01Description

An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.

Key dates

02Disclosure timeline

March 25, 2022 CVE published
August 3, 2024 Record updated