2370 matches found
openSUSE 16 Security Update : openexr (openSUSE-SU-2025-20056-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025-20056-1 advisory. - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233 Tenable has extracted the preceding description block directly...
Security update for openexr (moderate)
openSUSE security update: security update for openexr ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20056-1 Rating: moderate References: bsc1253233 Cross-References: CVE-2025-64181 CVSS scores: CVE-2025-64181 SUSE : 4...
CVE-2025-64181
A vulnerability has been identified in the genericunpack function of OpenEXR’s file-handling library, where uninitialized memory is read when processing certain malformed EXR files. An attacker who supplies a specially crafted EXR file to a vulnerable application that uses OpenEXR may trigger...
CVE-2025-64182
A memory-safety vulnerability has been identified in the Python bindings of OpenEXR, where improper checks on image channels and attribute stealing operations may result in buffer overflow when processing crafted EXR files or Python objects. An attacker supplying a malicious EXR file or crafted...
CVE-2025-64183
A use-after-free vulnerability has been identified in the Python bindings of the OpenEXR library, where object ownership is incorrectly transferred when image channel data is accessed from Python. When a Python script retrieves the list of channel names or reads pixel data through the affected...
SUSE-SU-2025:21014-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233...
OPENSUSE-SU-2025:20056-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2025-64181: Fixed use of uninitialized memory in function genericunpack bsc1253233...
SUSE CVE-2025-64181
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...
SUSE CVE-2025-64183
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...
SUSE CVE-2025-64182
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Linux Distros Unpatched Vulnerability : CVE-2025-64183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2...
Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Academy Software Foundation OpenEXR. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
PT-2025-46551
Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files due to insufficient validation of user-supplied data length before copying it to a heap-based buffer. This can allow a...
PT-2025-46552
Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files due to insufficient validation of user-supplied data length before copying it to a heap-based buffer. This can allow a...
PT-2025-46549
Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR affected versions not specified Description A flaw exists in the parsing of EXR files, stemming from insufficient validation of user-supplied data length before copying it into a heap-based buffer. This can...
Linux Distros Unpatched Vulnerability : CVE-2025-64182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2...
Linux Distros Unpatched Vulnerability : CVE-2025-64181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3...
CVE-2025-64183
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...