CVE-2021-20303

EPSS 0.13% · P32 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-20303

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

整数溢出或超界折返

Source: NVD (National Vulnerability Database)

Vulnerability Title

ILM OpenEXR 输入验证错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

ILM OpenEXR是美国Industrial Light and Magic（ILM）公司的一种图像文件格式，适用于高动态范围（HDR）图像。 ILM OpenEXR 存在安全漏洞，该漏洞源于产品的 Imf_2_5::copyIntoFrameBuffer 存在堆缓冲区溢出。攻击者可通过该漏洞执行恶意代码。以下产品及版本受到影响: Openexr 2.2.0-11+deb9u4。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	OpenEXR	Fixed in v2.5.4 and beyond.	-

II. Public POCs for CVE-2021-20303

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-20303

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-03-04 · 45 CVEs total

CVE-2022-23915	7.2 HIGH	Remote Code Execution (RCE)
CVE-2022-26484	4.9 MEDIUM	Veritas InfoScale Operations Manager路径遍历漏洞
CVE-2022-26483	4.8 MEDIUM	Veritas Infoscale Operations Manager 跨站脚本漏洞
CVE-2021-3656		KVM 安全漏洞
CVE-2021-3743		Linux kernel 缓冲区错误漏洞
CVE-2021-27757		HCL BigFix Insights 安全漏洞
CVE-2021-27756		HCL BigFix Compliance 加密问题漏洞
CVE-2021-44827		Tp-link Archer C2 操作系统命令注入漏洞
CVE-2021-40846		Rhinode Trading Paints 安全漏洞
CVE-2021-46384		MingSoft MCMS 访问控制错误漏洞
CVE-2021-46353		D-Link Dir-X1860 安全漏洞
CVE-2022-23233		Netapp StorageGRID 安全漏洞
CVE-2022-23232		Netapp StorageGRID 授权问题漏洞
CVE-2021-3575		OpenJPEG 缓冲区错误漏洞
CVE-2021-3428		Linux kernel 输入验证错误漏洞
CVE-2021-20319		coreos-installer 数据伪造问题漏洞
CVE-2022-21828		Incapptic Connect 安全漏洞
CVE-2022-25623		Symantec Management Center 安全漏洞
CVE-2021-3744		Linux kernel 安全漏洞
CVE-2022-23729		LG mobile 授权问题漏洞

Showing top 20 of 45 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: OpenEXR

Same vendor: n/a

Same weakness: CWE-190

V. Comments for CVE-2021-20303

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-20303

I. Basic Information for CVE-2021-20303

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-20303

III. Intelligence Information for CVE-2021-20303

Same Patch Batch · n/a · 2022-03-04 · 45 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-20303

Leave a comment