OSV-2021-1451

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openexr/OSV-2021-1451.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1451
Published
2021-10-15T00:00:15.606456Z
Modified
2022-04-13T03:04:37.061710Z
Summary
Heap-buffer-overflow in Imf_3_1::memstream_read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39936

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
Imf_3_1::memstream_read
dispatch_read
read_uncompressed_direct
References

Affected packages

OSS-Fuzz / openexr

Package

Name
openexr
Purl
pkg:generic/openexr

Affected ranges

Type
GIT
Repo
https://github.com/AcademySoftwareFoundation/openexr
Events
Introduced
5ae1ec0fd948e9e1009093148126636b5bbce4d8
Fixed
b39b63a1d2989a90655cd9b02b0fe8af8cd8c017
Introduced
526d92aa76bc79556d73c4e01ac2c2100a601ed4
Fixed
8b65408c5db588eb4ec7e0563040b1ce356c6691
Fixed
06575aaaf7eb0bff820585123449dd8967b47f46

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "fixed_range": "9d05d50eddacf4c5afac725617e12dfb5407e3cb:06575aaaf7eb0bff820585123449dd8967b47f46"
}