A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.Referenceshttps://github.com/AcademySoftwareFoundation/openexr/issues/491https://github.com/AcademySoftwareFoundation/openexr/commit/8b5370c688a7362673c3a5256d93695617a4cd9ahttps://lists.debian.org/debian-lts-announce/2021/07/msg00001.htmlhttps://lists.debian.org/debian-lts-announce/2022/12/msg00022.html
