Vulnerability in Academysoftwarefoundation Openexr

CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing `openexr_exrcheck_fuzze…

EPSS: 0.001 (29.6th percentile) — read the EPSS interpretation.

Affected products

Academysoftwarefoundation Openexr — versions >= 3.3.0, < 3.3.6, >= 3.4.0, < 3.4.3

Weakness classification (CWE)

CWE-457

References

https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-3h9h-qfvw-98hq (x_refsource_CONFIRM)
https://github.com/user-attachments/files/23024726/archive0.zip (x_refsource_MISC)
https://github.com/user-attachments/files/23024736/archive1.zip (x_refsource_MISC)
https://github.com/user-attachments/files/23024740/archive2.zip (x_refsource_MISC)
https://github.com/user-attachments/files/23024744/archive3.zip (x_refsource_MISC)
https://github.com/user-attachments/files/23024746/archive4.zip (x_refsource_MISC)