Lucene search
K

6 matches found

CVE
CVE
added 2026/06/18 8:20 p.m.21 views

CVE-2026-44663

OpenEXR CVE-2026-44663 is a heap-buffer overflow in the HTJ2K decoder (ht_undo_impl) caused by 32-bit signed overflow when multiplying decode->channels[i].width by bytes_per_element during HTJ2K decoding. This occurs in OpenEXR 3.4.0–3.4.11 and can lead to a heap out-of-bounds write when handl...

7.1CVSS5.2AI score0.00199EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.5 views

MiracleLinux 8 : OpenEXR-2.2.0-12.el8_10.1 (AXSA:2026-542:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-542:02 advisory. openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVE-2026-27622 Tenable has extracted the preceding description block...

8.4CVSS6.3AI score0.00201EPSS
Exploits2References2
OSV
OSV
added 2026/05/03 9:57 a.m.8 views

OESA-2026-2179 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

8.4CVSS5.9AI score0.0045EPSS
Exploits0References3
OSV
OSV
added 2026/04/17 3:19 p.m.6 views

JLSEC-2026-144

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

5.9CVSS5.8AI score0.00255EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/04/07 11:25 p.m.4 views

SUSE CVE-2026-34380

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a signed integer overflow exists in undopxr24impl in src/lib/OpenEXRCore/internalpxr24.c at line 377. The...

5.8CVSS5.8AI score0.00255EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.3 views

SUSE CVE-2021-3933

An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...

5.5CVSS7.1AI score0.00849EPSS
Exploits0References7
Rows per page
Query Builder