vulnerability

Alpine Linux: CVE-2025-48071: Heap-based Buffer Overflow

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:N/C:C/I:C/A:C)	Jul 31, 2025	Dec 5, 2025	Dec 5, 2025

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Jul 31, 2025

Added

Dec 5, 2025

Modified

Dec 5, 2025

Description

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. This is fixed in version 3.3.3.

Solution

alpine-linux-upgrade-openexr

References

CVE-2025-48071
https://attackerkb.com/topics/CVE-2025-48071
URL-https://security.alpinelinux.org/vuln/CVE-2025-48071
CWE-122

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today