{"id":"ECHO-0b54-eced-403b","upstream":["CVE-2017-14988"],"severity":[],"modified":"2026-06-01T13:30:03.694Z","affected":[{"package":{"ecosystem":"Echo","name":"openexr"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.13-2"}]}]}],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2017-14988"}],"withdrawn":"2026-06-01T13:30:03.694Z","summary":"Excessive memory allocation in Header::readfrom via ImageMagick.\nDisputed by maintainer and multiple third parties as not a valid\nvulnerability - the issue is in the use of openexr via ImageMagick,\nwith no real security impact in openexr itself.\n"}