OpenEXR Vulnerability: Excessive Memory Consumption in Scanline Input Files

CVE-2021-3478 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.

Learn more about our Web Application Penetration Testing UK.