JLSEC-2026-645

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-645.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-645.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-645
Upstream
  • CVE-2025-59732
  • EUVD-2025-32179
  • GHSA-qr3p-83wm-px3f
Published
2026-06-26T20:24:16.337Z
Modified
2026-06-26T20:34:17.553828064Z
Severity
  • 8.7 (High) CVSS_V4 - CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
Summary
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8.
Details

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8.

If the height or width of the image is not divisible by 8, the copy loops at [0] and [1] do not stop at the actual dimension but keep writing up to the next multiple of 8.

The buffer td->uncompresseddata is allocated in decodeblock from the precise height and width of the image, so the rounded-up multiple of 8 used by the copy loop can exceed the buffer bounds, and the write block starting at [2] can corrupt the heap memory that follows the buffer.

We recommend upgrading to version 8.0 or beyond.

Database specific
{
    "license": "CC-BY-4.0",
    "sources": [
        {
            "database_specific": {
                "status": "Deferred"
            },
            "id": "CVE-2025-59732",
            "modified": "2026-06-17T09:46:36.677Z",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59732",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-59732",
            "published": "2025-10-06T08:15:34.920Z",
            "imported": "2026-06-26T19:19:40.906Z"
        },
        {
            "id": "GHSA-qr3p-83wm-px3f",
            "modified": "2025-10-19T15:31:16Z",
            "html_url": "https://github.com/advisories/GHSA-qr3p-83wm-px3f",
            "url": "https://api.github.com/advisories/GHSA-qr3p-83wm-px3f",
            "published": "2025-10-06T09:30:20Z",
            "imported": "2026-06-26T19:19:32.997Z"
        },
        {
            "imported": "2026-06-26T19:19:09.514Z",
            "modified": "2026-02-26T17:48:17Z",
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-32179",
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-32179",
            "published": "2025-10-06T08:09:31Z",
            "id": "EUVD-2025-32179"
        }
    ]
}
References

Affected packages

Julia / FFMPEG_jll

Package

Name
FFMPEG_jll
Purl
pkg:julia/FFMPEG_jll?uuid=b22a6f82-2f65-5046-a5b2-351ab43fb4e5

Affected ranges

Type
SEMVER
Events
Introduced
7.1.1+0
Fixed
8.0.0+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-645.json"

Julia / FFplay_jll

Package

Name
FFplay_jll
Purl
pkg:julia/FFplay_jll?uuid=c4dce911-e170-5107-8314-c7bdc6785395

Affected ranges

Type
SEMVER
Events
Introduced
7.1.1+0
Fixed
8.1.2+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-645.json"