ALAS2-2020-1499 --- OpenEXR| ID: oval:org.secpod.oval:def:1700441 | Date: (C)2020-11-05 (M)2023-12-20 |
| Class: PATCH | Family: unix |
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp
