JLSEC-2026-128
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-128.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-128.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/JLSEC-2026-128
- Upstream
- Published
- 2026-04-17T15:19:54.657Z
- Modified
- 2026-04-17T15:30:20.392213Z
- Summary
- [none]
- Details
-
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
- Database specific
{ "sources": [ { "database_specific": { "status": "Modified" }, "id": "CVE-2021-3598", "imported": "2026-04-17T13:59:24.198Z", "published": "2021-07-06T15:15:07.800Z", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2021-3598", "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3598", "modified": "2024-11-21T06:21:56.233Z" } ], "license": "CC-BY-4.0" }- References
-
- https://bugzilla.redhat.com/show_bug.cgi?id=1970987
- https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
- https://security.gentoo.org/glsa/202210-31
- https://www.debian.org/security/2022/dsa-5299
- https://bugzilla.redhat.com/show_bug.cgi?id=1970987
- https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
- https://security.gentoo.org/glsa/202210-31
- https://www.debian.org/security/2022/dsa-5299