Lucene search
K

11 matches found

Snyk
Snyk
added 2026/06/18 10:13 p.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the htundoimpl function. An attacker can cause a crash and potentially leak adjacent heap memory by supplying a crafted EXR file with mismatched channel width and buffer length. Remediation Upgrade openexr...

8.3CVSS6.1AI score0.00263EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/04/02 11:26 p.m.5 views

SUSE CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

7.8CVSS6.6AI score0.00611EPSS
Exploits1References3
OSV
OSV
added 2026/04/01 9:17 p.m.5 views

DEBIAN-CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

7.3CVSS6.6AI score0.00611EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/01 9:17 p.m.4 views

CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4CVSS6.1AI score0.00611EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/01 8:51 p.m.34 views

CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4CVSS0.00611EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/04/01 8:51 p.m.5 views

CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.8CVSS6.5AI score0.00611EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/04/01 8:51 p.m.17 views

CVE-2026-34545

CVE-2026-34545 affects OpenEXR versions 3.4.0–3.4.6, where decoding an EXR file using HTJ2K compression with a channel width of 32768 can trigger a heap write overflow. The overflow occurs while decoding and writes beyond the output heap buffer, with a write primitive of 2 bytes per overflow iter...

8.8CVSS6.5AI score0.00611EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2026/04/01 8:51 p.m.15 views

CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.8CVSS6.6AI score0.00611EPSS
Exploits1
EUVD
EUVD
added 2026/04/01 8:51 p.m.7 views

EUVD-2026-18062

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4CVSS6.5AI score0.00611EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29622

Name of the Vulnerable Software and Affected Versions OpenEXR versions 3.4.0 through 3.4.6 Description OpenEXR, a specification and reference implementation of the EXR file format used in the motion picture industry, contains a flaw. A crafted .exr file utilizing HTJ2K compression and a channel...

8.4CVSS6.4AI score0.00611EPSS
Exploits1References23
CVE
CVE
added 2024/08/26 10:11 a.m.124 views

CVE-2024-43912

CVE-2024-43912 in the Linux kernel affects the wifi nl80211 code:AP channel width setting is now disallowed when using non-standard widths (e.g., S1G or narrow channels). The issue arises from allowing non-standard AP channel widths while normal 20/40/… MHz progression is expected, and the patch ...

5.5CVSS7.1AI score0.0021EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder