2370 matches found
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-26981 via openexr (>=3.4.12 <=3.4.4)
openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-26981 Source advisory: SNYK:PYTHON-OPENEXR-15338791...
Signed to Unsigned Conversion Error
Overview Affected versions of this package are vulnerable to Signed to Unsigned Conversion Error via the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. An attacker can cause a heap buffer overflow by supplying a specially...
CVE-2026-26981
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
CVE-2026-26981
OpenEXR CVE-2026-26981 affects 3.3.0–3.3.6 and 3.4.0–3.4.4; a heap-buffer-overflow (OOB read) occurs in istream_nonparallel_read in ImfContextInit.cpp when parsing a malformed EXR via a memory-mapped IStream. A signed integer subtraction becomes a negative value that is implicitly cast to size_t,...
CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
OpenEXR 安全漏洞
OpenEXR is an open standard for high dynamic range image file formats, open-sourced by the Academy Software Foundation. Versions 3.3.0 to 3.3.6 and 3.4.0 to 3.4.4 of OpenEXR contain security vulnerabilities. These vulnerabilities stem from integer underflow during the parsing of malformed EXR...
PT-2026-21650
Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.3.0 through 3.3.6 OpenEXR versions 3.4.0 through 3.4.4 Description OpenEXR is an image storage format used in the motion picture industry. A heap-buffer-overflow out-of-bounds read can occur in the istream nonparallel read...
CVE-2026-26981
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...
FreeBSD : openexr -- buffer overflow in istream_nonparallel_read on invalid input data (716d25a6-0fdc-11f1-bfdf-ff9355aecb00)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 716d25a6-0fdc-11f1-bfdf-ff9355aecb00 advisory. Cary Phillips reports: openexr v3.4.5 ... fixes an incorrect size check in istreamnonparallelread that...
openexr -- buffer overflow in istream_nonparallel_read on invalid input data
Cary Phillips reports: openexr v3.4.5 ... fixes an incorrect size check in istreamnonparallelread that could lead to a buffer overflow on invalid input data...
[SECURITY] Fedora 43 Update: mingw-openexr-3.3.6-1.fc43
MinGW Windows openexr library...
[SECURITY] Fedora 42 Update: mingw-openexr-3.3.6-1.fc42
MinGW Windows openexr library...
Fedora 42 : mingw-openexr (2026-0e8fe3c8a3)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0e8fe3c8a3 advisory. Update to openexr-3.3.6, fixes multiple security issues. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 43 : mingw-openexr (2026-1fbf91067c)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1fbf91067c advisory. Update to openexr-3.3.6, fixes multiple security issues. Tenable has extracted the preceding description block directly from the Fedora security...
Important: openexr
Issue Overview: Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required ...