Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/31 10:31 p.m.5 views

CVE-2025-48072

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

9.1CVSS6.3AI score0.00496EPSS
Exploits1References6
CVE
CVE
added 2025/07/31 8:18 p.m.28 views

CVE-2025-48072

OpenEXR 3.3.2 is vulnerable to a heap-based buffer overflow during read when decompressing DWAA-packed scan-line EXR files with a forged chunk. The root cause is bad pointer arithmetic in the DWAA decompressor, which can allow out-of-bounds reads. The issue is fixed in version 3.3.3. Exploitation...

9.1CVSS6.8AI score0.00496EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/07/31 8:18 p.m.8 views

CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

6.8CVSS0.00496EPSS
Exploits1References3
Circl
Circl
added 2025/07/31 3:9 p.m.21 views

CVE-2025-48072

creationtimestamp| type| source ---|---|--- 2025-07-31 15:09:15+00:00| published-proof-of-concept| https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-4r7w-q3jg-ff43 2025-07-31 23:42:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lvccsrrjty2d...

9.1CVSS5.7AI score0.00496EPSS
Exploits1References2
Rows per page
Query Builder