← back
CVE-2020-16587

CVE-2020-16587

EPSS 1.2%
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/AcademySoftwareFoundation/openexr/commit/8b5370c688a7362673c3a5256d93695617a4cd9ahttps://github.com/AcademySoftwareFoundation/openexr/issues/491https://lists.debian.org/debian-lts-announce/2021/07/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2022/12/msg00022.html