openexr is vulnerable to denial of service. The vulnerability exists due to Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer
.
bugzilla.redhat.com/show_bug.cgi?id=1947612
lists.fedoraproject.org/archives/list/[email protected]/message/4KYNJSMVA6YJY5NMKDZ5SAISKZG2KCKC/
lists.fedoraproject.org/archives/list/[email protected]/message/BXFLD4ZAXKAIWO6ZPBCQEEDZB5IG676K/
security-tracker.debian.org/tracker/CVE-2021-23169
security.gentoo.org/glsa/202210-31