CVE-2018-12503

2018-06-1615:29:00

Google

osv.dev

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h.

CPENameOperatorVersion
tinyexreq0.9.5
tinyexreq0.9.0

CPE	Name	Operator	Version
	tinyexr	eq	0.9.5
	tinyexr	eq	0.9.0

References

github.com/ChijinZ/security_advisories/tree/master/tinyexr_b53a457

github.com/syoyo/tinyexr/issues/81