Unity Linux 20.1060e / 20.1070e Security Update: openjpeg (UTSA-2026-016638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016638 advisory. Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or...

Linux Distros Unpatched Vulnerability : CVE-2026-46559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-46559 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...

GHSA-533M-3WF6-C33V ImageMagick: Heap Buffer Over-Write of a single byte in the JP2 encoder.

An incorrect check in the JP2 will result in an heap buffer over-write of a single byte when specifying certain options...

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

SUSE CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

CVE-2026-43905

A flaw was found in OpenImageIO. When processing a specially crafted JPEG2000 image file, an internal calculation for buffer size can result in an integer overflow. This leads to an undersized memory allocation, causing a heap overflow. An attacker could exploit this to potentially execute...

CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

UBUNTU-CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

CVE-2026-43905

OpenImageIO CVE-2026-43905 affects the JPEG2000 path when built with OpenJPH. In jpeg2000input.cpp:395, buffer size is computed as w * h * ch * buffer_bpp using 32-bit signed arithmetic, so when the product exceeds INT_MAX the result wraps to 0 or a small value. This yields an undersized m_buf an...

CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

PT-2026-41024

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch buffer bpp using signed 32-bit arithmetic. When the product...

Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017720 advisory. In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths. Tenable has...

Astra Linux - уязвимость в ffmpeg, ffmpeg5

There is a heap-buffer-overflow write in jpeg2000dec FFmpeg that allows an attacker to potentially gain remote code execution or cause a denial of service through the JPEG2000’s channel definition cdef atom...

Out-of-bounds Write

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Out-of-bounds Write

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...