MiracleLinux 9 : openexr-3.1.1-2.el9.1 (AXSA:2024-9242:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9242:02 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : openexr-3.1.1-2.el9_4.1 (AXSA:2024-8955:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8955:01 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the MiracleLinux...

Linux Distros Unpatched Vulnerability : CVE-2023-5841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing...

openexr security update

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file format...

Oracle Linux 9 : openexr (ELSA-2024-9548)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9548 advisory. 3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

RockyLinux 9 : openexr (RLSA-2024:9548)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9548 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the RockyLinux security...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

RockyLinux 9 : openexr (RLSA-2024:8800)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:8800 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the RockyLinux security...

RHEL 9 : openexr (RHSA-2024:8802)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8802 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a...

AlmaLinux 9 : openexr (ALSA-2024:8800)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8800 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the AlmaLinux security...

RHEL 9 : openexr (RHSA-2024:8800)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8800 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a...

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Oracle Linux 9 : openexr (ELSA-2024-8800)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8800 advisory. 3.1.1-2.1 - fix CVE-2023-5481 RHEL-64162 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

Fedora: Security Advisory (FEDORA-2024-55247f3a4f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 : openexr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...

Fedora 40 : openexr (2024-55247f3a4f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-55247f3a4f advisory. Automatic update for openexr-3.1.10-5.fc40. Changelog Mon Feb 5 2024 Benjamin A. Beasley - 3.1.10-5 - Backport proposed fix for CVE-2023-5841 to 3.1.10 fix...

Medium: openexr

Issue Overview: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. CVE-2023-5841 Affected...

Fedora 39 : mingw-openexr (2024-7fc5bae919)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-7fc5bae919 advisory. Backport fix for CVE-2023-5841. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

FreeBSD : openexr -- Heap Overflow in Scanline Deep Data Parsing (f161a5ad-c9bd-11ee-b7a7-353f1e043d9a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f161a5ad-c9bd-11ee-b7a7-353f1e043d9a advisory. - Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep...

CVE-2023-5841 OpenEXR Heap Overflow in Scanline Deep Data Parsing

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...