CVE-2021-20300
Published: 4 March 2022
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability.
Priority
CVSS 3 base score: 5.5
Status
Package | Release | Status |
---|---|---|
openexr Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
focal |
Needs triage
|
|
groovy |
Ignored
(reached end-of-life)
|
|
hirsute |
Not vulnerable
(2.5.4-1)
|
|
impish |
Not vulnerable
(2.5.4-2)
|
|
jammy |
Not vulnerable
(2.5.7-1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(2.5.4-1)
|
|
xenial |
Needs triage
|