Launchpad.net

CVE 2020-11761

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.

See the CVE page on Mitre.org for more details.