NewStart CGSL CORE 5.05 / MAIN 5.05 : OpenEXR Multiple Vulnerabilities (NS-SA-2021-0149)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has OpenEXR packages installed that are affected by multiple vulnerabilities: - An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by...

The vulnerability of the `refill` function in the `ImfFastHuf.cpp` component of the software for storing OpenEXR images with a wide dynamic range of brightness levels. This vulnerability arises from the operation of writing data beyond the buffer boundaries in memory, allowing an attacker to cause a service failure.

The vulnerability of the refill function in the ImfFastHuf.cpp component of the software for storing OpenEXR images with wide dynamic range of brightness values is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to cau...

NewStart CGSL CORE 5.04 / MAIN 5.04 : OpenEXR Multiple Vulnerabilities (NS-SA-2021-0031)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has OpenEXR packages installed that are affected by multiple vulnerabilities: - An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp...

openSUSE Security Update : openexr (openSUSE-2020-682)

This update for openexr provides the following fix : Security issues fixed : - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier bsc1169575. - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...

openSUSE: Security Advisory for openexr (openSUSE-SU-2020:0682-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2017-9114

In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash...

Code injection

In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash...

CVE-2017-9114

OpenEXR 2.2.0 is affected by CVE-2017-9114 due to an invalid read of size 1 in the refill function (ImfFastHuf.cpp), which can cause a crash. The vulnerability is documented across multiple advisories (Debian/RHEL/NASL/Nessus aggregations) and is addressed in the OpenEXR 2.2.1 patch release (see ...

CVE-2017-9114

In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash...

CVE-2017-9114

In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash...