{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T18:45:29.656","vulnerabilities":[{"cve":{"id":"CVE-2025-64183","sourceIdentifier":"security-advisories@github.com","published":"2025-11-10T22:15:37.323","lastModified":"2025-12-08T16:00:58.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue."},{"lang":"es","value":"OpenEXR proporciona la especificación y la implementación de referencia del formato de archivo EXR, un formato de almacenamiento de imágenes para la industria cinematográfica. En las versiones 3.2.0 a 3.2.4, 3.3.0 a 3.3.5 y 3.4.0 a 3.4.2, existe un uso después de la liberación en PyObject_StealAttrString de pyOpenEXR_old.cpp. El adaptador heredado define PyObject_StealAttrString que llama a PyObject_GetAttrString para obtener una nueva referencia, la decrementa inmediatamente y devuelve el puntero. Los llamadores luego pasan este puntero colgante a APIs como PyLong_AsLong/PyFloat_AsDouble, lo que resulta en un uso después de liberación. Esto se invoca en múltiples lugares (por ejemplo, al leer PixelType.v, Box2i, V2f, etc.). Las versiones 3.2.5, 3.3.6 y 3.4.3 corrigen el problema."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.5","matchCriteriaId":"B39DE559-AB72-4C61-9E6B-E9125859D199"},{"vulnerable":true,"criteria":"cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndExcluding":"3.3.6","matchCriteriaId":"A83D8F0B-0D0A-403E-8D2E-2FB455041B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndExcluding":"3.4.3","matchCriteriaId":"78287128-E16E-431F-922F-1F0272327A0D"}]}]}],"references":[{"url":"https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L109-L115","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57cw-j6vp-2p9m","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}