Vulnerability in openexr-viewer

[GAP-dev]

Hello,
I found vulnerability in openexr-viewer.
Where can i report this?

[GAP-dev]

oh, I will check now.

[GAP-dev]

It seems perfect!
I would like to submit a CVE request.

[afichet]

Thanks a lot for your issue and your help! Currently pushing the updated version.

Regarding the CVE request, I am not familiar with this process. Does this require action on my end?

[GAP-dev]

The best way is to enable security.md in github.
If you enable security.md, I will report again through github security advisory.

[afichet]

Thanks for the screenshot!
I've approved the request and the review for a CVE.
Let me know if there is additional action needed from my part. I'll reopen the issue if that's the case.
Cheers.