Linux Distros Unpatched Vulnerability : CVE-2026-45696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...

Linux Distros Unpatched Vulnerability : CVE-2025-59731

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length- encoded data is not checked when using it to calculate...

SUSE CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

OSV-2025-597 Heap-buffer-overflow in generic_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=435779241 Crash type: Heap-buffer-overflow READ 2 Crash state: genericunpack exrdecodingrun Imf34::ScanLineProcess::rundecode...

CVE-2020-19490

tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code...