Vulnerability-Lookup

CVE-2025-48074 (GCVE-0-2025-48074)

Vulnerability from cvelistv5 – Published: 2025-08-01 16:32 – Updated: 2025-08-01 17:09

Title

OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors

Summary

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.

Severity ?

4.6 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

URL

Tags

	https://github.com/AcademySoftwareFoundation/open…	x_refsource_CONFIRM
	https://github.com/ShielderSec/poc/tree/main/CVE-…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	AcademySoftwareFoundation	openexr	Affected: >= 3.3.2, < 3.3.3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48074",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-01T17:07:14.465806Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-01T17:09:00.696Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openexr",
          "vendor": "AcademySoftwareFoundation",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.3.2, \u003c 3.3.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T16:32:54.595Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf"
        },
        {
          "name": "https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074"
        }
      ],
      "source": {
        "advisory": "GHSA-x22w-82jp-8rvf",
        "discovery": "UNKNOWN"
      },
      "title": "OpenEXR\u0027s Unbounded File Header Values can Lead to Out-Of-Memory Errors"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48074",
    "datePublished": "2025-08-01T16:32:54.595Z",
    "dateReserved": "2025-05-15T16:06:40.942Z",
    "dateUpdated": "2025-08-01T17:09:00.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-48074\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-01T17:07:14.465806Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-01T17:08:51.656Z\"}}], \"cna\": {\"title\": \"OpenEXR\u0027s Unbounded File Header Values can Lead to Out-Of-Memory Errors\", \"source\": {\"advisory\": \"GHSA-x22w-82jp-8rvf\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 4.6, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"ACTIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"AcademySoftwareFoundation\", \"product\": \"openexr\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 3.3.2, \u003c 3.3.3\"}]}], \"references\": [{\"url\": \"https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf\", \"name\": \"https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074\", \"name\": \"https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-08-01T16:32:54.595Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-48074\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-01T17:09:00.696Z\", \"dateReserved\": \"2025-05-15T16:06:40.942Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-08-01T16:32:54.595Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-X22W-82JP-8RVF

Vulnerability from github – Published: 2025-07-31 19:23 – Updated: 2025-08-01 18:35

Summary

OpenEXR Out-Of-Memory via Unbounded File Header Values

Details

Summary

The OpenEXR file format defines many information about the final image inside of the file header, such as the size of data/display window.

The application trusts the value of dataWindow size provided in the header of the input file, and performs computations based on this value.

This may result in unintended behaviors, such as excessively large number of iterations and/or huge memory allocations.

Details

A concrete example of this issue is present in the function readScanline() in ImfCheckFile.cpp at line 235, that performs a for-loop using the dataWindow min.y and max.y coordinates that can be arbitrarily large.

in.setFrameBuffer (i);

int step = 1;

//
// try reading scanlines. Continue reading scanlines
// even if an exception is encountered
//
for (int y = dw.min.y; y <= dw.max.y; y += step) // <-- THIS LOOP IS EXCESSIVE BECAUSE OF DW.MAX
{
    try
    {
        in.readPixels (y);
    }
    catch (...)
    {
        threw = true;

        //
        // in reduceTime mode, fail immediately - the file is corrupt
        //
        if (reduceTime) { return threw; }
    }
}

Another example occurs in the EnvmapImage::resize function that in turn calls Array2D<T>::resizeEraseUnsafe passing the dataWindow X and Y coordinates and perform a huge allocation.

On some system, the allocator will simply return std::bad_alloc and crash. On other systems such as macOS, the allocator will happily continue with a "small" pre-allocation and allocate further memory whenever it is accessed. This is the case with the EnvmapImage::clear function that is called right after and fills the image RGB values with zeros, allocating tens of Gigabytes.

PoC

NOTE: please download the oom_crash.exr file via the following link:

https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074

Compile the exrcheck binary in a macOS or GNU/Linux machine with ASAN.
Open the oom_crash.exr file with the following command:

exrcheck oom_crash.exr

Notice that exrenvmap/exrcheck crashes with ASAN stack-trace.

Impact

An attacker could cause a denial of service by stalling the application or exhaust memory by stalling the application in a loop which contains a memory leakage.

Severity ?

4.6 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "OpenEXR"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.3.2"
            },
            {
              "fixed": "3.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "3.3.2"
      ]
    }
  ],
  "aliases": [
    "CVE-2025-48074"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-770"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-07-31T19:23:18Z",
    "nvd_published_at": "2025-08-01T17:15:52Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\nThe OpenEXR file format defines many information about the final image inside of the file header, such as the size of data/display window.\n\nThe application trusts the value of `dataWindow` size provided in the header of the input file, and performs computations based on this value.\n\nThis may result in unintended behaviors, such as excessively large number of iterations and/or huge memory allocations.\n\n\n### Details\nA concrete example of this issue is present in the function `readScanline()` in `ImfCheckFile.cpp` at line 235, that performs a for-loop using the `dataWindow min.y` and `max.y` coordinates that can be arbitrarily large.\n\n```cpp\nin.setFrameBuffer (i);\n\nint step = 1;\n\n//\n// try reading scanlines. Continue reading scanlines\n// even if an exception is encountered\n//\nfor (int y = dw.min.y; y \u003c= dw.max.y; y += step) // \u003c-- THIS LOOP IS EXCESSIVE BECAUSE OF DW.MAX\n{\n    try\n    {\n        in.readPixels (y);\n    }\n    catch (...)\n    {\n        threw = true;\n\n        //\n        // in reduceTime mode, fail immediately - the file is corrupt\n        //\n        if (reduceTime) { return threw; }\n    }\n}\n```\n\nAnother example occurs in the `EnvmapImage::resize` function that in turn calls `Array2D\u003cT\u003e::resizeEraseUnsafe` passing the `dataWindow` X and Y coordinates and perform a huge allocation.\n\nOn some system, the allocator will simply return `std::bad_alloc` and crash. On other systems such as macOS, the allocator will happily continue with a \"small\" pre-allocation and allocate further memory whenever it is accessed.\nThis is the case with the `EnvmapImage::clear` function that is called right after and fills the image RGB values with zeros, allocating tens of Gigabytes.\n\n### PoC\n\nNOTE: please download the `oom_crash.exr` file via the following link:\n \nhttps://github.com/ShielderSec/poc/tree/main/CVE-2025-48074\n\n1. Compile the `exrcheck` binary in a macOS or GNU/Linux machine with ASAN.\n2. Open the `oom_crash.exr` file with the following command:\n\n```\nexrcheck oom_crash.exr\n```\n\n3. Notice that `exrenvmap`/`exrcheck` crashes with ASAN stack-trace.\n\n### Impact\nAn attacker could cause a denial of service by stalling the application or exhaust memory by stalling the application in a loop which contains a memory leakage.",
  "id": "GHSA-x22w-82jp-8rvf",
  "modified": "2025-08-01T18:35:51Z",
  "published": "2025-07-31T19:23:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48074"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/AcademySoftwareFoundation/openexr"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenEXR Out-Of-Memory via Unbounded File Header Values"
}

FKIE_CVE-2025-48074

Vulnerability from fkie_nvd - Published: 2025-08-01 17:15 - Updated: 2025-08-13 19:18

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf	Exploit, Vendor Advisory
	security-advisories@github.com	https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074	Exploit

Impacted products

	Vendor	Product	Version
	openexr	openexr	3.3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openexr:openexr:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9E8468B-6096-42B1-8235-EBF60FC5A81C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3."
    },
    {
      "lang": "es",
      "value": "OpenEXR proporciona la especificaci\u00f3n y la implementaci\u00f3n de referencia del formato de archivo EXR, un formato de almacenamiento de im\u00e1genes para la industria cinematogr\u00e1fica. En la versi\u00f3n 3.3.2, las aplicaciones conf\u00edan en valores de tama\u00f1o de ventana de datos no validados de los encabezados de archivo, lo que puede provocar una asignaci\u00f3n excesiva de memoria y una degradaci\u00f3n del rendimiento al procesar archivos maliciosos. Esto se ha corregido en la versi\u00f3n 3.3.3."
    }
  ],
  "id": "CVE-2025-48074",
  "lastModified": "2025-08-13T19:18:13.987",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-01T17:15:52.193",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://github.com/ShielderSec/poc/tree/main/CVE-2025-48074"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

CNVD-2025-24796

Vulnerability from cnvd - Published: 2025-10-24

Title

OpenEXR存在未明漏洞（CNVD-2025-24796）

Description

OpenEXR是一种高动态范围图像（HDR）文件格式的开放标准。 OpenEXR 3.3.2版本存在安全漏洞，攻击者可利用该漏洞导致处理恶意文件时过度内存分配和性能下降。

Severity

中

Patch Name

OpenEXR存在未明漏洞（CNVD-2025-24796）的补丁

Patch Description

OpenEXR是一种高动态范围图像（HDR）文件格式的开放标准。 OpenEXR 3.3.2版本存在安全漏洞，攻击者可利用该漏洞导致处理恶意文件时过度内存分配和性能下降。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://openexr.com/en/latest/

Reference

https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf

Impacted products

Name
OpenEXR OpenEXR 3.3.2

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-48074",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-48074"
    }
  },
  "description": "OpenEXR\u662f\u4e00\u79cd\u9ad8\u52a8\u6001\u8303\u56f4\u56fe\u50cf\uff08HDR\uff09\u6587\u4ef6\u683c\u5f0f\u7684\u5f00\u653e\u6807\u51c6\u3002\n\nOpenEXR 3.3.2\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5904\u7406\u6076\u610f\u6587\u4ef6\u65f6\u8fc7\u5ea6\u5185\u5b58\u5206\u914d\u548c\u6027\u80fd\u4e0b\u964d\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://openexr.com/en/latest/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-24796",
  "openTime": "2025-10-24",
  "patchDescription": "OpenEXR\u662f\u4e00\u79cd\u9ad8\u52a8\u6001\u8303\u56f4\u56fe\u50cf\uff08HDR\uff09\u6587\u4ef6\u683c\u5f0f\u7684\u5f00\u653e\u6807\u51c6\u3002\r\n\r\nOpenEXR 3.3.2\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u5904\u7406\u6076\u610f\u6587\u4ef6\u65f6\u8fc7\u5ea6\u5185\u5b58\u5206\u914d\u548c\u6027\u80fd\u4e0b\u964d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "OpenEXR\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2025-24796\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "OpenEXR OpenEXR 3.3.2"
  },
  "referenceLink": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-x22w-82jp-8rvf",
  "serverity": "\u4e2d",
  "submitTime": "2025-08-11",
  "title": "OpenEXR\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2025-24796\uff09"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-48074 (GCVE-0-2025-48074)

GHSA-X22W-82JP-8RVF

Summary

Details

PoC

Impact

FKIE_CVE-2025-48074

CNVD-2025-24796

Tags

Sightings

Nomenclature