Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34150
HistoryFeb 11, 2022 - 1:33 p.m.

Denial Of Service (DoS)

2022-02-1113:33:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
openexr
denial of service
vulnerability
compositedeepscanline
setframebuffer
heap-based buffer overflow
imfcompositedeepscanline.cpp
crash
application

EPSS

0.001

Percentile

43.1%

openexr is vulnerable to denial of service.The vulnerability exists in CompositeDeepScanLine::setFrameBuffer function of ImfCompositeDeepScanLine.cpp due to a heap-based buffer overflow which allows an attacker to crash the application via malicious input.

References