Lucene search
K

2373 matches found

EUVD
EUVD
added 2026/04/21 1:33 a.m.5 views

EUVD-2026-24047

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

8.4CVSS5.8AI score0.0045EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/21 1:33 a.m.4 views

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

8.4CVSS5.3AI score0.0045EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 1:33 a.m.7 views

CVE-2026-40250

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1040 performs chan-width chan-bytesperelement in...

8.4CVSS5.8AI score0.0045EPSS
Exploits0
CVE
CVE
added 2026/04/21 1:30 a.m.30 views

CVE-2026-40244

OpenEXR exposed an integer overflow in the DWA setupChannelData path. In versions 3.4.0–3.4.9, 3.3.0–3.3.9, and 3.2.0–3.2.7, internal_dwa_compressor.h:1722 performs curc->width * curc->height using int32 arithmetic without a size_t cast, creating an overflow condition. A fix has been applie...

8.4CVSS5.8AI score0.00427EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/21 1:30 a.m.6 views

CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/21 1:30 a.m.53 views

CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS0.00427EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/21 1:30 a.m.4 views

EUVD-2026-24046

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 1:30 a.m.9 views

CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits1References5Affected Software1
Debian CVE
Debian CVE
added 2026/04/21 1:30 a.m.4 views

CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.3AI score0.00427EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/21 1:30 a.m.5 views

CVE-2026-40244

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS5.8AI score0.00427EPSS
Exploits0
EUVD
EUVD
added 2026/04/21 1:27 a.m.4 views

EUVD-2026-24041

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/21 1:27 a.m.31 views

CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl()

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS0.00302EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/21 1:27 a.m.8 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

8.6CVSS5.8AI score0.00611EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2026/04/21 1:27 a.m.15 views

CVE-2026-39886

CVE-2026-39886 affects OpenEXR up to version 3.4.9. A signed 32-bit overflow in ht_undo_impl() (internal_ht.cpp) of the HTJ2K decompression path can cause a per-scanline pointer arithmetic error, potentially leading to a heap out-of-bounds write when a crafted EXR with 16,385 FLOAT channels at ma...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/21 1:27 a.m.5 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.5AI score0.00302EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/21 1:27 a.m.4 views

CVE-2026-39886

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0 through 3.4.9 have a signed integer overflow vulnerability in OpenEXR's HTJ2K High-Throughput JPEG 2000 decompression path. The htundoimp...

5.3CVSS5.8AI score0.00302EPSS
Exploits1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.10 views

OpenEXR 输入验证错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9, 3.3.0 to 3.3.9, and 3.2.0 to 3.2.7 of OpenEXR contain a input validation vulnerability. This vulnerability stems from line 1722 of the...

8.4CVSS5.9AI score0.00427EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.8 views

OpenEXR 输入验证错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9 of OpenEXR contain a input validation vulnerability. This vulnerability stems from an integer overflow in the 32-bit signed integer bpl value of the...

5.3CVSS5.9AI score0.00302EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.5 views

PT-2026-33908

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.9 OpenEXR versions 3.3.0 through 3.3.9 OpenEXR versions 3.2.0 through 3.2.7 Description An integer overflow occurs in the reference implementation of the EXR image storage format. Specifically, the file...

8.4CVSS5.9AI score0.00427EPSS
Exploits0References27
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.11 views

PT-2026-33907

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.0 Description OpenEXR provides the specification and reference implementation of the EXR file format, which is an image storage format used in the motion picture industry. Recommendations At the moment, there...

5.3CVSS5.8AI score0.00302EPSS
Exploits1References13
Rows per page
Query Builder