CNNVD-202507-3959 Information

CNNVD ID

CNNVD-202507-3959

Related CVE

CVE-2025-48073

• CNNVD Published: 2025-07-31

Description (Chinese)

OpenEXR是Academy Software Foundation开源的一种高动态范围图像（HDR）文件格式的开放标准。 OpenEXR 3.3.2版本存在代码问题漏洞，该漏洞源于读取深度扫描线图像时存在空指针取消引用，可能导致目标应用程序崩溃。

Description (English)

OpenEXR is the open standard for the open-source high-dynamic image (HDR) file format of Academy Software Foundation. Version 3.3.2 of OpenEXR has a code problem loophole, which results from the loss of references to empty fingers when reading deep-scan images, which could lead to the collapse of the target application.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Academy Software Foundation

Published

2025-07-31

Last Modified

2026-02-24

References

https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-qhpm-86v7-phmm https://github.com/ShielderSec/poc/tree/main/CVE-2025-48073

Patch

https://github.com/AcademySoftwareFoundation/openexr/releases