OSV-2025-871

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openexr/OSV-2025-871.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-871
Published
2025-11-03T00:01:55.461376Z
Modified
2025-11-05T14:31:27.893141Z
Summary
UNKNOWN READ in ojph::local::param_cod::~param_cod
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=456837230

Crash type: UNKNOWN READ
Crash state:
ojph::local::param_cod::~param_cod
ojph::local::param_cod::~param_cod
ojph::local::param_cod::~param_cod
References

Affected packages

OSS-Fuzz / openexr

Package

Name
openexr
Purl
pkg:generic/openexr

Affected ranges

Type
GIT
Repo
https://github.com/AcademySoftwareFoundation/openexr
Events
Introduced
76f3410aca0b04bf1e4b579a8091e0b9a938d348
Fixed
c74a1e42530f4b783787e99d8c2b8efdc342af34

Affected versions

v3.*

v3.4.0
v3.4.0-rc
v3.4.1
v3.4.1-rc
v3.4.1-rc2
v3.4.2
v3.4.2-rc
v3.4.2-rc2
v3.4.3
v3.4.3-rc
v3.4.3-rc2
v3.4.3-rc3

Ecosystem specific 

{
    "severity": null
}

Database specific

introduced_range

"da32c659b5ec81526e72a7ad423b153565290433:da818d1550738bf00669af894a9b67bfd8451858"