OpenEXR B44Compressor Memory Exhaustion Vulnerability

OpenEXR B44Compressor Memory Exhaustion Vulnerability

CVE-2021-20298 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.

Learn more about our Web Application Penetration Testing UK.