Vulnerability Details CVE-2018-20652
An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which leads to an out-of-memory exception.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
Products affected by CVE-2018-20652
-
cpe:2.3:a:tinyexr_project:tinyexr:0.9.5