VDB

CVE-2021-23169

CVE-2021-23169 PUBLISHED

A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.

EPSS 0.57% · 69.1th percentile

Risk Scores

EPSS Score
0.57%
69.1th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:20.04:LTSopenexr0, 2.3.0-6, 2.3.0-6ubuntu0.1

Timeline

  • Jun 8, 2021 CVE Published
  • Jun 9, 2021 EPSS Score
  • Aug 10, 2021 EPSS Score
  • Dec 9, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 8, 2022 EPSS Score
  • Apr 10, 2022 EPSS Score
  • Jun 10, 2022 EPSS Score
  • Aug 11, 2022 EPSS Score
  • Oct 11, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›