2368 matches found
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s deep tile sample size calculations in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could trigger an integer overflow, resulting in an out-of-bounds read. The greatest risk of this flaw is to the application’s...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file processed by OpenEXR to trigger an integer overflow. The greatest threat of this vulnerability is to system availability...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s scanline input file functionality in versions before 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could consume excessive system memory. The most significant impact of this flaw is on system availability...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with the application’s functionality and availability...
Astra Linux - уязвимость в openexr
A flaw was discovered in OpenEXR’s B44 uncompression functionality in versions prior to 3.0.0-beta. An attacker who can submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting the availability of the application...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR in versions before 3.0.0-beta. A carefully crafted input file processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to issues with the application’s functionality...
Astra Linux - уязвимость в openexr
There is a flaw in the Scanline API functionality of OpenEXR in versions prior to 3.0.0-beta. An attacker who can submit a crafted file for processing by OpenEXR could cause excessive memory consumption, thereby affecting system availability...
Astra Linux - уязвимость в openexr
An integer overflow that leads to a heap-buffer overflow was discovered in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could exploit this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215...
Astra Linux - уязвимость в openexr
An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet is less than 64 bits. This could result in invalid bytesPerLine and maxBytesPerLine values, which may lead to issues with application stability or other attack vectors...
Astra Linux - уязвимость в openexr
In the ImfChromaticities.cpp routine, within the RGBtoXYZ function, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d;. However, the divisor is not checked for a 0 value. A specially crafted file could trigger...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s rleUncompress functionality in versions prior to 3.0.5. An attacker who can submit a crafted file to an application that uses OpenEXR may exploit this flaw, leading to a out-of-bounds read vulnerability. The most significant risk of this flaw is the impact on the...
Astra Linux - уязвимость в openexr
There is a flaw in OpenEXR’s ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who can submit a crafted file to an application that uses OpenEXR may cause a out-of-bounds read vulnerability. The most significant risk of this flaw is the disruption of the application’s...
RockyLinux 9 : openexr (RLSA-2026:19359)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19359 advisory. OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVE-2026-34588 Tenable has extracted the preceding description block...
RHEL 9 : openexr (RHSA-2026:19587)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19587 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...
OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file
A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...
Important: Red Hat Security Advisory: openexr security update
An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: openexr security update
An update for openexr is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file
A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...
Important: openexr security update
OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...
RHEL 9 : openexr (RHSA-2026:19359)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19359 advisory. OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents ...