漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors
Vulnerability Description
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
OpenEXR 安全漏洞
Vulnerability Description
OpenEXR是Academy Software Foundation开源的一种高动态范围图像(HDR)文件格式的开放标准。 OpenEXR 3.3.2版本存在安全漏洞,该漏洞源于应用程序信任未验证的dataWindow大小值,可能导致处理恶意文件时过度内存分配和性能下降。
CVSS Information
N/A
Vulnerability Type
N/A