Lucene search
+L

2422 matches found

OSV
OSV
added 2026/07/03 10:0 a.m.7 views

ROOT-OS-DEBIAN-11-CVE-2025-12840 CVE-2025-12840 in rootio-openexr - Patched by Root

Root has patched CVE-2025-12840 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00158EPSS
Exploits0
OSV
OSV
added 2026/07/03 10:0 a.m.5 views

ROOT-OS-DEBIAN-11-CVE-2026-34379 CVE-2026-34379 in rootio-openexr - Patched by Root

Root has patched CVE-2026-34379 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.1CVSS5.9AI score0.00283EPSS
Exploits1
OSV
OSV
added 2026/07/03 10:0 a.m.4 views

ROOT-OS-DEBIAN-11-CVE-2024-31047 CVE-2024-31047 in rootio-openexr - Patched by Root

Root has patched CVE-2024-31047 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

3.3CVSS5.4AI score0.00218EPSS
Exploits1
OSV
OSV
added 2026/07/03 10:0 a.m.4 views

ROOT-OS-DEBIAN-11-CVE-2026-34588 CVE-2026-34588 in rootio-openexr - Patched by Root

Root has patched CVE-2026-34588 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS7.1AI score0.00482EPSS
Exploits1
OSV
OSV
added 2026/07/03 10:0 a.m.5 views

ROOT-OS-DEBIAN-11-CVE-2025-12495 CVE-2025-12495 in rootio-openexr - Patched by Root

Root has patched CVE-2025-12495 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00158EPSS
Exploits0
OSV
OSV
added 2026/07/03 10:0 a.m.4 views

ROOT-OS-DEBIAN-11-CVE-2025-12839 CVE-2025-12839 in rootio-openexr - Patched by Root

Root has patched CVE-2025-12839 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00158EPSS
Exploits0
OSV
OSV
added 2026/07/03 10:0 a.m.8 views

ROOT-OS-DEBIAN-11-CVE-2026-40244 CVE-2026-40244 in rootio-openexr - Patched by Root

Root has patched CVE-2026-40244 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

7.1CVSS5.4AI score0.00427EPSS
Exploits0
OSV
OSV
added 2026/07/03 10:0 a.m.9 views

ROOT-OS-DEBIAN-11-CVE-2026-41142 CVE-2026-41142 in rootio-openexr - Patched by Root

Root has patched CVE-2026-41142 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

8.8CVSS5.4AI score0.00439EPSS
Exploits1
OSV
OSV
added 2026/07/03 10:0 a.m.6 views

ROOT-OS-DEBIAN-11-CVE-2026-42216 CVE-2026-42216 in rootio-openexr - Patched by Root

Root has patched CVE-2026-42216 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

9.1CVSS5.9AI score0.00465EPSS
Exploits1
OSV
OSV
added 2026/07/03 10:0 a.m.7 views

ROOT-OS-DEBIAN-11-CVE-2025-48074 CVE-2025-48074 in rootio-openexr - Patched by Root

Root has patched CVE-2025-48074 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5.4AI score0.00259EPSS
Exploits1
OSV
OSV
added 2026/06/26 8:24 p.m.6 views

JLSEC-2026-646 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS6.6AI score0.00171EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:24 p.m.4 views

JLSEC-2026-644 When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run...

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS6.5AI score0.0016EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:24 p.m.3 views

JLSEC-2026-645 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7CVSS6.6AI score0.00155EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format used in the motion picture industry. From version 3.4.0 to before version 3.4.8, a properly crafted B44 or B44A EXR file could cause an out-of-bounds write in any application that decode...

8.4CVSS5.9AI score0.00244EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, the per-pixel totals are accumulated in vectors of unsigned integers, called totalsizes. These totalsizes are wrapp...

8.4CVSS7AI score0.00201EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in openexr

OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. From version 3.2.0 up to versions 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder used signed 32-bit arithmetic to construct temporary per-component block...

8.8CVSS5.7AI score0.00419EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Oracle Linux 9 : openexr (ELSA-2026-19359)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19359 advisory. 3.1.1-3.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

8.8CVSS5.9AI score0.00482EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-45696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...

8.3CVSS6.1AI score0.00263EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...

7.1CVSS5.9AI score0.00262EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/06/19 2:50 p.m.9 views

CVE-2026-45696

A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service DoS—and potentially view sensitive information from the application's memory. Any...

8.3CVSS5.8AI score0.00263EPSS
Exploits1References5
Rows per page
Query Builder