2368 matches found
UBUNTU-CVE-2026-44663
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when decoding a crafted...
UBUNTU-CVE-2026-45696
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, ht_undo_impl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The ht_undo_imp...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the ht_undo_impl function when decoding a specially crafted HTJ2K-compressed EXR file. An attacker can cause a heap out-of-bounds write by supplying a file with a large decode->channels[i].width value that...
CVE-2026-45696
CVE-2026-45696 affects OpenEXR 3.4.0–3.4.11, where the HTJ2K decoder’s ht_undo_impl() can perform a heap-buffer-overflow READ due to a width mismatch between the EXR codestream and the declared line width. The decoder copies 32-bit samples from cur_line->i32[] without validating the OpenJPH li...
CVE-2026-45696 OpenEXR HTJ2K decoder heap buffer over-read in ht_undo_impl() (DoS)
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, ht_undo_impl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The ht_undo_imp...
CVE-2026-45696
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, ht_undo_impl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The ht_undo_imp...
CVE-2026-44663
OpenEXR CVE-2026-44663 is a heap-buffer overflow in the HTJ2K decoder (ht_undo_impl) caused by 32-bit signed overflow when multiplying decode->channels[i].width by bytes_per_element during HTJ2K decoding. This occurs in OpenEXR 3.4.0–3.4.11 and can lead to a heap out-of-bounds write when handl...
CVE-2026-44663 OpenEXR: Integer overflow in the HTJ2K decoder leads to heap-buffer-overflow
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when decoding a crafted...
CVE-2026-44663
OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in ht_undo_impl in src/lib/OpenEXRCore/internal_ht.cpp leads to a heap-buffer overflow when decoding a crafted...
ROOT-OS-DEBIAN-13-CVE-2025-12840 CVE-2025-12840 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12840 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-42216 CVE-2026-42216 in rootio-openexr - Patched by Root
Root has patched CVE-2026-42216 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-34545 CVE-2026-34545 in rootio-openexr - Patched by Root
Root has patched CVE-2026-34545 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-48074 CVE-2025-48074 in rootio-openexr - Patched by Root
Root has patched CVE-2025-48074 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-34379 CVE-2026-34379 in rootio-openexr - Patched by Root
Root has patched CVE-2026-34379 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-64181 CVE-2025-64181 in rootio-openexr - Patched by Root
Root has patched CVE-2025-64181 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-27622 CVE-2026-27622 in rootio-openexr - Patched by Root
Root has patched CVE-2026-27622 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-40244 CVE-2026-40244 in rootio-openexr - Patched by Root
Root has patched CVE-2026-40244 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...