CVE-2021-20299

Summary

A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

Affected Software

VendorProductVersion RangeStatus
n/aOpenEXRAffected before v2.5.4affected

Weaknesses

  • CWE-476: CWE-476 (NULL Pointer Dereference)

ADP Enrichment

CVE Program Container

Additional References

References