Published: 21 May 2017
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
see suse bug for reproducer with exrmakepreview first patch in upstream bug doesn't cover this CVE The patch for this issue was dropped during the focal development cycle by mistake.
Cvss 3 Severity Score
Severity score breakdown