Lucene search
+L

14 matches found

RedHat Linux
RedHat Linux
added 6 days ago6 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago6 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago4 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 6 days ago6 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
OSV
OSV
added 2026/05/15 8:16 a.m.9 views

SUSE-SU-2026:21796-1 Security update for openexr

This update for openexr fixes the following issues - CVE-2026-41142: integer overflow in ImageChannel: resize can lead to a heap out-of-bounds write via OpenEXRUtil public API bsc1264356. - CVE-2026-42216: missing checks in IDManifest: init can lead to out-of-bounds read during prefix expansion...

9.8CVSS5.9AI score0.00465EPSS
Exploits3References7
NVD
NVD
added 2026/05/07 4:16 a.m.21 views

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

9.1CVSS0.00465EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/05/07 4:1 a.m.6 views

CVE-2026-42216 OpenEXR: Out-of-bounds read in `IDManifest::init()` during prefix expansion

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

8.8CVSS5.8AI score0.00465EPSS
Exploits1References1
CVE
CVE
added 2026/05/07 4:1 a.m.50 views

CVE-2026-42216

CVE-2026-42216 affects OpenEXR: an out-of-bounds read in IDManifest::init() during prefix expansion. In affected ranges (3.0.0–before 3.2.9, 3.3.0–before 3.3.11, and 3.4.0–before 3.4.11), the code reads stringList[i][0] and stringList[i][1] without ensuring the current string has two bytes. This ...

9.1CVSS5.8AI score0.00465EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2026/05/07 4:1 a.m.49 views

CVE-2026-42216 OpenEXR: Out-of-bounds read in `IDManifest::init()` during prefix expansion

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

8.8CVSS0.00465EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/07 4:1 a.m.5 views

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

8.8CVSS5.8AI score0.00465EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/05/07 4:1 a.m.1 views

CVE-2026-42216 OpenEXR: Out-of-bounds read in `IDManifest::init()` during prefix expansion

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

8.8CVSS6AI score0.00465EPSS
Exploits1References12
AlpineLinux
AlpineLinux
added 2026/05/07 4:1 a.m.15 views

CVE-2026-42216

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...

9.1CVSS5.8AI score0.00465EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.23 views

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions of OpenEXR from 3.0.0 to 3.2.9, 3.3.0 to 3.3.11, and 3.4.0 to 3.4.11 contain a buffer error vulnerability. This vulnerability arises from the IDManifest::init...

9.1CVSS6AI score0.00465EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-42216

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References4
Rows per page
Query Builder