JLSEC-2026-146

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1561)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1561 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B4...

OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

Summary The B44/B44A decoder in OpenEXR reconstructs row pointers into a scratch buffer using int. When the channel width nx is large enough, the product y nx overflows int, causing the row pointer to wrap before the start of the scratch buffer. Subsequent memcpy calls then write decoded pixel...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the uncompressb44impl file. An attacker can cause an out-of-bounds write by supplying a specially crafted B44 or B44A EXR file that triggers an integer overflow, resulting in memory corruption or application...

GHSA-H762-RHV3-H25V OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

Summary The B44/B44A decoder in OpenEXR reconstructs row pointers into a scratch buffer using int. When the channel width nx is large enough, the product y nx overflows int, causing the row pointer to wrap before the start of the scratch buffer. Subsequent memcpy calls then write decoded pixel...

Linux Distros Unpatched Vulnerability : CVE-2026-34544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version...

SUSE CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2026-34544

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker or local user could exploit this vulnerability by providing a specially crafted B44 or B44A EXR file. This crafted file can cause an out-of-bounds write during file decoding, which may lead to...

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

UBUNTU-CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2026-34544 OpenEXR: integer overflow to OOB write in uncompress_b44_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2026-34544

OpenEXR (OpenEXR) vulnerability CVE-2026-34544: from version 3.4.0 up to but not including 3.4.8, crafting a B44 or B44A EXR file can trigger an out-of-bounds write during decoding (exr_decoding_run). Consequences include immediate crash and potential heap corruption, depending on layout. The iss...

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

PT-2026-29621

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.7 Description OpenEXR, an image storage format used in the motion picture industry, contains a flaw where a specially crafted EXR file B44 or B44A format can lead to an out-of-bounds write during decoding via...

EUVD-2021-26798

Malware in sbrugna...

The vulnerability of the B44Compressor component of the image storage software for OpenEXR, which has a wide dynamic range of brightness levels, allows a hacker to trigger a service failure.

The vulnerability of the B44Compressor component of the OpenEXR image storage software, which handles images with wide dynamic range of brightness, is related to buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created...

SUSE CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

OESA-2022-1885 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to...

OESA-2022-1884 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to...