2422 matches found
ROOT-OS-DEBIAN-11-CVE-2025-12840 CVE-2025-12840 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12840 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-34379 CVE-2026-34379 in rootio-openexr - Patched by Root
Root has patched CVE-2026-34379 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2024-31047 CVE-2024-31047 in rootio-openexr - Patched by Root
Root has patched CVE-2024-31047 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-34588 CVE-2026-34588 in rootio-openexr - Patched by Root
Root has patched CVE-2026-34588 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-12495 CVE-2025-12495 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12495 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-12839 CVE-2025-12839 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12839 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-40244 CVE-2026-40244 in rootio-openexr - Patched by Root
Root has patched CVE-2026-40244 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-41142 CVE-2026-41142 in rootio-openexr - Patched by Root
Root has patched CVE-2026-41142 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-42216 CVE-2026-42216 in rootio-openexr - Patched by Root
Root has patched CVE-2026-42216 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-48074 CVE-2025-48074 in rootio-openexr - Patched by Root
Root has patched CVE-2025-48074 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
JLSEC-2026-646 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...
JLSEC-2026-644 When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run...
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...
JLSEC-2026-645 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...
When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format used in the motion picture industry. From version 3.4.0 to before version 3.4.8, a properly crafted B44 or B44A EXR file could cause an out-of-bounds write in any application that decode...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, the per-pixel totals are accumulated in vectors of unsigned integers, called totalsizes. These totalsizes are wrapp...
Astra Linux – Vulnerability in openexr
OpenEXR provides the specification and reference implementation of the EXR file format, a image storage format for the motion picture industry. From version 3.2.0 up to versions 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder used signed 32-bit arithmetic to construct temporary per-component block...
Oracle Linux 9 : openexr (ELSA-2026-19359)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19359 advisory. 3.1.1-3.2 - fix CVE-2026-34588 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
Linux Distros Unpatched Vulnerability : CVE-2026-45696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...
Linux Distros Unpatched Vulnerability : CVE-2026-44663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...
CVE-2026-45696
A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service DoS—and potentially view sensitive information from the application's memory. Any...