JLSEC-2026-133

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

OESA-2026-1842 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via...

CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

EUVD-2006-2278

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-48074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3....

Linux Distros Unpatched Vulnerability : CVE-2025-48072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 i...

CVE-2025-48074

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

CVE-2025-48074

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

The vulnerability of the operator function in the half.h component of software for storing OpenEXR images, which has a wide dynamic range of brightness levels. This vulnerability arises from the operation exceeding the permissible buffer data size, allowing an attacker to access confidential information or cause system failures.

The vulnerability of the operator function in the half.h component of software for storing OpenEXR images with wide dynamic range of brightness levels is related to the operation exceeding the allowable buffer data size. Exploiting this vulnerability allows a malicious actor to access confidentia...

USN-4676-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

The vulnerability of the Mac OS X operating system allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the ImageIO component in the Mac OS X operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely or cause a service failure memory corruption by using a specially crafted EXR image with B44...

Fedora Core 10 FEDORA-2009-8136 (OpenEXR)

The remote host is missing an update to OpenEXR announced via advisory FEDORA-2009-8136. OpenVAS Vulnerability Test $Id: fcore20098136.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8136 OpenEXR Authors: Thomas Reinke Copyright: Copyright c 2009...

CVE-2006-2277

Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service application crash via a crafted OpenEXR .exr image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file...