tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS).
References
Link | Resource |
---|---|
https://github.com/ChijinZ/security_advisories/tree/master/tinyexr_65f9859 | Exploit Third Party Advisory |
https://github.com/syoyo/tinyexr/issues/109 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
03 Aug 2021, 22:27
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-129 | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:tinyexr_project:tinyexr:0.9.5:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/ChijinZ/security_advisories/tree/master/tinyexr_65f9859 - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/syoyo/tinyexr/issues/109 - Exploit, Issue Tracking, Patch, Third Party Advisory |
26 Jul 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-26 22:15
Updated : 2024-02-04 21:47
NVD link : CVE-2020-18428
Mitre link : CVE-2020-18428
CVE.ORG link : CVE-2020-18428
JSON object : View
Products Affected
tinyexr_project
- tinyexr
CWE
CWE-129
Improper Validation of Array Index