2374 matches found
ROOT-OS-DEBIAN-11-CVE-2025-48074 CVE-2025-48074 in rootio-openexr - Patched by Root
Root has patched CVE-2025-48074 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-27622 CVE-2026-27622 in rootio-openexr - Patched by Root
Root has patched CVE-2026-27622 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-31047 CVE-2024-31047 in rootio-openexr - Patched by Root
Root has patched CVE-2024-31047 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-40244 CVE-2026-40244 in rootio-openexr - Patched by Root
Root has patched CVE-2026-40244 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-12495 CVE-2025-12495 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12495 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-42217 CVE-2026-42217 in rootio-openexr - Patched by Root
Root has patched CVE-2026-42217 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-41142 CVE-2026-41142 in rootio-openexr - Patched by Root
Root has patched CVE-2026-41142 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-12840 CVE-2025-12840 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12840 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-40250 CVE-2026-40250 in rootio-openexr - Patched by Root
Root has patched CVE-2026-40250 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-12839 CVE-2025-12839 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12839 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
JLSEC-2026-646 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...
JLSEC-2026-644 When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run...
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...
JLSEC-2026-645 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...
Oracle Linux 9 : openexr (ELSA-2026-19359)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19359 advisory. 3.1.1-3.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
Linux Distros Unpatched Vulnerability : CVE-2026-44663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...
Linux Distros Unpatched Vulnerability : CVE-2026-45696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...
CVE-2026-45696
A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service DoS—and potentially view sensitive information from the application's memory. Any...
CVE-2026-44663
A security flaw has been identified in OpenEXR, a widely used image format library, which may impact applications processing certain high-resolution image files. Mitigation To mitigate this issue, avoid processing untrusted HTJ2K-compressed EXR files. Restricting the handling of such files to...
Astra Linux – Vulnerability in ffmpeg5
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, decompress and decode it into the buffer td-rlerawdata of size rlerawsize a...
Astra Linux – Vulnerability in openexr
There is a buffer overflow vulnerability in Academy Software Foundation OpenEXR 2.3.0, specifically in the writeTileData function within ImfTiledOutputFile.cpp. This vulnerability can lead to a denial-of-service attack if a malicious EXR file is used...