cpe:/a:openexr:openexr:2.2.0 CVE-2017-14988 2017-10-02T21:29:02.903-04:00 2019-09-23T16:15:11.007-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov MISC https://github.com/openexr/openexr/issues/248 SUSE openSUSE-SU-2019:1954 ** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.