Tan Jie

Name of the Vulnerable Software and Affected Versions: OpenEXR version 2.3.0 Description: The issue is related to an out-of-bounds write in the exrmultiview function of the OpenEXR library. This could potentially allow a remote attacker to cause a denial of service or execute arbitrary code. The problem is specifically identified in the makeMultiView.cpp file. Recommendations: For OpenEXR version 2.3.0, consider applying a patch or fix to address the out-of-bounds write issue in the exrmultiview function to prevent potential exploitation. As a temporary workaround, consider restricting access to the affected function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.