Vulnerability Description
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openexr | Openexr | >= 3.2.0, < 3.2.5 |
Related Weaknesses (CWE)
References
- https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c6305502Product
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57ExploitVendor Advisory
- https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-57ExploitVendor Advisory
FAQ
What is CVE-2025-64183?
CVE-2025-64183 is a vulnerability with a CVSS score of 7.5 (HIGH). OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, a...
How severe is CVE-2025-64183?
CVE-2025-64183 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-64183?
Check the references section above for vendor advisories and patch information. Affected products include: Openexr Openexr.