SB2025112557 - Multiple vulnerabilities in OpenEXR
Published: November 25, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Integer overflow (CVE-ID: CVE-2025-64182)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an integer overflow within the OpenEXR.InputFile wrapper. A remote attacker can pass a specially crafted file to the application, trigger an integer overflow and perform a denial of service (DoS) attack.
2) Use-after-free (CVE-ID: CVE-2025-64183)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to a use-after-free error within the PyObject_StealAttrString() function in pyOpenEXR_old.cpp. A remote attacker can pass a specially crafted EXR file and execute arbitrary code on the system.
3) Use of uninitialized variable (CVE-ID: CVE-2025-64181)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to usage of an uninitialized variable when handling EXR files. A remote attacker can pass a specially crafted file to the application and perform a denial of service attack.
Remediation
Install the update from the vendor's website.
References
- https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L528-L536
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr
- https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L109-L115
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-3h9h-qfvw-98hq