CVE-2020-6156
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Pixar | Pixar OpenUSD 20.05 , Apple macOS Catalina 10.15.3 | affected |
Weaknesses
- CWE-122: CWE-122: Heap-based Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.