sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: OSV:GHSA-57CW-J6VP-2P9M...

CVE-2025-64183

A use-after-free vulnerability has been identified in the Python bindings of the OpenEXR library, where object ownership is incorrectly transferred when image channel data is accessed from Python. When a Python script retrieves the list of channel names or reads pixel data through the affected...

libIex-3_4-33-3.4.3-1.1 on GA media (moderate)

libIex-34-33-3.4.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15741-1 Rating: moderate Cross-References: CVE-2025-64181 CVE-2025-64182 CVE-2025-64183 CVSS scores: CVE-2025-64181 SUSE : 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-64181 SUSE : 5.1...

CVE-2025-64183

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: SNYK:PYTHON-OPENEXR-13877098...

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64183 via openexr (=3.4.12)

openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...