CNNVD-202510-825 Information

CNNVD ID

CNNVD-202510-825

Related CVE

CVE-2025-59733

• CNNVD Published: 2025-10-06

Description (Chinese)

OpenEXR是Academy Software Foundation开源的一种高动态范围图像（HDR）文件格式的开放标准。 OpenEXR存在安全漏洞，该漏洞源于DWAA或DWAB压缩解码时假设所有图像通道具有相同像素类型，可能导致缓冲区溢出。

Description (English)

OpenEXR is the open standard for the open-source high-dynamic image (HDR) file format of Academy Software Foundation. OpenEXR has a security loophole, which stems from the assumption that all image channels have the same pixel type when compressed by DWAA or DWAB, which could lead to a spill out of the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Academy Software Foundation

Published

2025-10-06

Last Modified

2026-02-24

References

https://b.corp.google.com/issues/436511754