CNNVD-202510-827 Information

CNNVD ID

CNNVD-202510-827

Related CVE

CVE-2025-59731

• CNNVD Published: 2025-10-06

Description (Chinese)

OpenEXR是Academy Software Foundation开源的一种高动态范围图像（HDR）文件格式的开放标准。 OpenEXR 8.0之前版本存在安全漏洞，该漏洞源于未检查DWAA或DWAB压缩中指定的原始长度，可能导致越界写入。

Description (English)

OpenEXR is the open standard for the open-source high-dynamic image (HDR) file format of Academy Software Foundation. There was a security loophole in the pre-OpenEXR 8.0, resulting from the failure to check the original length specified in the DWAA or DWAB compression, which could lead to cross-border writing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Academy Software Foundation

Published

2025-10-06

Last Modified

2026-02-24

References

https://b.corp.google.com/issues/436510153