2 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-59731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length- encoded data is not checked when using it to calculate...
CVE-2025-59731
OpenEXR/FFmpeg CVE-2025-59731 describes a vulnerability in DWAA/DWAB run-length decoding where the rle_raw_size is not checked when calculating output data. The decoder reads rle_raw_size, decompresses into td->rle_raw_data, and may access entries up to (td->xsize-1)*(td->ysize-1) + rle_...