CVE-2021-23169 - log back

CVE-2021-23169 edited at 23 Apr 2021 09:30:28
Description
- A buffer overflow security issue has been found in OpenEXR before version 3.0.1.
+ A buffer overflow security issue has been found in the exrcheck executable of the OpenEXR 3.0.0 beta release. The issue is fixed in OpenEXR 3.0.1.
CVE-2021-23169 edited at 23 Apr 2021 08:33:03
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A buffer overflow security issue has been found in OpenEXR before version 3.0.1.
References
+ https://github.com/AcademySoftwareFoundation/openexr/pull/872
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28051
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28155
+ https://github.com/AcademySoftwareFoundation/openexr/commit/ae6d203892cc9311917a7f4f05354ef792b3e58e
Notes
CVE-2021-23169 created at 23 Apr 2021 08:29:02