{"id":"CVE-2021-3598","details":"There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.","modified":"2026-05-15T12:04:20.036110318Z","published":"2021-07-06T15:15:07.800Z","related":["SUSE-SU-2021:2158-1","SUSE-SU-2021:2159-1","openSUSE-SU-2021:0925-1","openSUSE-SU-2021:2158-1","openSUSE-SU-2024:11117-1"],"database_specific":{"unresolved_ranges":[{"vendor_product":"debian:debian_linux","source":"CPE_FIELD","extracted_events":[{"last_affected":"10.0"},{"last_affected":"11.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"]},{"source":"CPE_FIELD","vendor_product":"redhat:enterprise_linux","extracted_events":[{"last_affected":"8.0"}],"cpes":["cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00022.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-31"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5299"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1970987"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}