Lucene search
K

2370 matches found

NVD
NVD
added 2025/11/10 10:15 p.m.5 views

CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

7.8CVSS0.0021EPSS
Exploits1References2
NVD
NVD
added 2025/11/10 10:15 p.m.5 views

CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

7.5CVSS0.00339EPSS
Exploits1References6
OSV
OSV
added 2025/11/10 10:15 p.m.2 views

DEBIAN-CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

7.5CVSS7.3AI score0.00339EPSS
Exploits1References1
OSV
OSV
added 2025/11/10 10:15 p.m.5 views

UBUNTU-CVE-2025-64183

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

7.5CVSS7.1AI score0.00266EPSS
Exploits1References4
OSV
OSV
added 2025/11/10 10:15 p.m.6 views

UBUNTU-CVE-2025-64182

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter the deprecated...

7.8CVSS7.5AI score0.0021EPSS
Exploits1References4
OSV
OSV
added 2025/11/10 10:15 p.m.5 views

UBUNTU-CVE-2025-64181

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing openexrexrcheckfuzzer, Valgrind reports a conditional branch depending on...

7.5CVSS7.1AI score0.00339EPSS
Exploits1References9
Snyk
Snyk
added 2025/11/10 9:42 p.m.2 views

Use After Free

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Use After Free via the PyObjectStealAttrString function. An attacker can execute arbitrary code or cause a crash by passing a dangling pointer to APIs such as PyLongAsLong o...

7.5CVSS7.7AI score0.00266EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/10 9:42 p.m.2 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the PyObjectStealAttrString function. An attacker can execute arbitrary code or cause a crash by passing a dangling pointer to APIs such as PyLongAsLong or PyFloatAsDouble after the reference has been decremented. PoC...

7.5CVSS6.1AI score0.00266EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/11/10 9:42 p.m.3 views

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64183 via openexr (=3.4.12)

openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

7.5CVSS7AI score0.00266EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/11/10 9:42 p.m.5 views

sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: SNYK:PYTHON-OPENEXR-13877098...

7.5CVSS7.1AI score0.00266EPSS
Exploits1
Snyk
Snyk
added 2025/11/10 9:42 p.m.1 views

Buffer Overflow

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Buffer Overflow via the channels and channel functions in the legacy Python adapter. An attacker can cause application crashes or achieve code execution by opening specially...

7.8CVSS8AI score0.0021EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/10 9:42 p.m.4 views

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the channels and channel functions in the legacy Python adapter. An attacker can cause application crashes or achieve code execution by opening specially crafted EXR files or passing malicious Python objects...

7.8CVSS6.2AI score0.0021EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/11/10 9:42 p.m.4 views

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64182 via openexr (=3.4.12)

openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

7.8CVSS7AI score0.0021EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/11/10 9:42 p.m.6 views

sfx (=0.1.0) potentially affected by CVE-2025-64182 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64182 Source advisory: SNYK:PYTHON-OPENEXR-13876683...

7.8CVSS7.1AI score0.0021EPSS
Exploits1
Snyk
Snyk
added 2025/11/10 9:41 p.m.3 views

Use of Uninitialized Variable

Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable via the genericunpack function. An attacker can trigger undefined behavior or cause a crash by providing specially crafted input that leads to the use of uninitialized memory. PoC The archive includes the...

7.5CVSS5.6AI score0.00339EPSS
Exploits1References2
Snyk
Snyk
added 2025/11/10 9:41 p.m.2 views

Use of Uninitialized Variable

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Use of Uninitialized Variable via the genericunpack function. An attacker can trigger undefined behavior or cause a crash by providing specially crafted input that leads to...

7.5CVSS7.3AI score0.00339EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/11/10 9:41 p.m.4 views

angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64181 via openexr (=3.4.12)

openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...

7.5CVSS7AI score0.00339EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2025/11/10 9:29 p.m.2 views

CVE-2025-64183

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

7.5CVSS6.9AI score0.00266EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/10 9:29 p.m.2 views

CVE-2025-64183 OpenEXR has use after free in PyObject_StealAttrString

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObjectStealAttrString of pyOpenEXRold.cpp...

6.9CVSS6.4AI score0.00266EPSS
Exploits1References2
CVE
CVE
added 2025/11/10 9:29 p.m.12 views

CVE-2025-64183

OpenEXR vulnerability CVE-2025-64183 affects the Python exposure PyOpenEXR_old.cpp: a use-after-free in PyObject_StealAttrString when retrieving attributes via PyObject_GetAttrString, returning a dangling PyObject*. This can be triggered in various reads (e.g., PixelType.v, Box2i, V2f) and is exp...

7.5CVSS6.4AI score0.00266EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder