Lucene search
K

25 matches found

OSV
OSV
added 2026/05/29 4:3 p.m.9 views

RLSA-2026:19146 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/20 11:15 a.m.13 views

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

8.8CVSS6.3AI score0.00482EPSS
Exploits1References5
Rockylinux
Rockylinux
added 2026/05/20 6:3 a.m.15 views

openexr security update

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file format...

8.8CVSS6.2AI score0.00482EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2026/05/14 4:35 p.m.10 views

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

8.8CVSS6.3AI score0.00482EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/05/14 4:35 p.m.10 views

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2026/05/11 12:0 a.m.11 views

Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.1AI score0.00482EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/08 3:9 p.m.2 views

Out-of-bounds Write

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Out-of-bounds Write. through the internalexrundopiz process. An attacker can cause out-of-bounds memory access, leading to potential memory corruption or process crash, by...

8.8CVSS6AI score0.00482EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/04/06 5:42 p.m.4 views

CVE-2026-34378

A flaw was found in OpenEXR, a widely used image storage format. A remote attacker could exploit a missing bounds check vulnerability by crafting a malicious EXR file. By manipulating a specific attribute in the file header, an attacker can trigger an integer overflow, causing the application to...

6.5CVSS5.8AI score0.00262EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/06 4:9 p.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the undopxr24impl function. An attacker can cause memory corruption and potentially execute arbitrary code by providing a specially crafted EXR file that triggers a signed integer overflow, leading to a...

6CVSS6.1AI score0.00255EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/02 6:12 a.m.4 views

CVE-2026-34543

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit this vulnerability by tricking a user into opening a specially crafted EXR file. This could lead to the disclosure of sensitive information from heap memory through the decoded...

8.7CVSS5.9AI score0.00482EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/12/24 12:2 p.m.3 views

CVE-2025-12495

A flaw was found in OpenEXR, a library for handling High Dynamic Range HDR image files. This heap-based buffer overflow vulnerability allows a remote attacker to execute arbitrary code on a user's system. This occurs when a user is tricked into opening a specially crafted EXR file, exploiting a...

7.8CVSS7.7AI score0.00158EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-8550

Malware in sbrugna...

5.5CVSS6.9AI score0.01134EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-8548

Malware in sbrugna...

5.5CVSS6.9AI score0.01239EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/12/19 12:0 a.m.43 views

Debian dla-3236 : libopenexr-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3236-1 [email protected]...

7.5CVSS6.5AI score0.01848EPSS
Exploits5References46
RedhatCVE
RedhatCVE
added 2021/02/16 5:4 p.m.23 views

CVE-2020-16588

A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS3.2AI score0.01204EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2021/02/16 5:3 p.m.28 views

CVE-2020-16587

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS4.3AI score0.01239EPSS
Exploits1References4
NVD
NVD
added 2020/12/09 9:15 p.m.20 views

CVE-2020-16588

A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS5.5AI score0.01204EPSS
Exploits1References3
NVD
NVD
added 2020/12/09 9:15 p.m.20 views

CVE-2020-16587

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS5.7AI score0.01239EPSS
Exploits1References4
OSV
OSV
added 2020/12/09 9:15 p.m.7 views

AZL-44439 CVE-2020-16589 affecting package OpenEXR 2.3.0-6

A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS7AI score0.01134EPSS
Exploits1References1
OSV
OSV
added 2020/12/09 9:15 p.m.8 views

AZL-44706 CVE-2020-16588 affecting package OpenEXR 2.3.0-6

A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS6.7AI score0.01204EPSS
Exploits1References1
Rows per page
Query Builder