Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2020-15304 - CERT CVE
CVE-2020-15304
ID
CVE-2020-15304
Sažetak
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
Reference
https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md
https://github.com/AcademySoftwareFoundation/openexr/pull/727
https://github.com/AcademySoftwareFoundation/openexr/blob/master/SECURITY.md
https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.5.2
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00048.html
https://security.gentoo.org/glsa/202107-27
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKDRVXORM2VLNHRLFKS3JHRABSHZ5W5M/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SHYAKRAUEMYVCV7U5WLDRE2YFGSV5PIT/
CVSS
Base:
2.1
Impact:
2.9
Exploitability:
3.9
Pristup
Vektor
Složenost
Autentikacija
LOCAL
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
NONE
PARTIAL
CVSS vektor
AV:L/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje
07-11-2023 - 03:17
Objavljeno
26-06-2020 - 01:15
