Heap-based Buffer Overflow in OpenEXR 3.1.x before 3.1.4

Heap-based Buffer Overflow in OpenEXR 3.1.x before 3.1.4

CVE-2021-45942 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

Learn more about our Cis Benchmark Audit For Ibm Db2.