Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-9112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash. CVE-2017-9112 Note that Nessus relies on...

6.5CVSS6.8AI score0.01851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 6 : openexr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...

7.9AI score0.0331EPSS
Exploits15References42
vulnersOsv
vulnersOsv
added 2022/05/13 1:17 a.m.3 views

cv-depot (>=0.4.2 <=0.12.0), flatiron (>=0.20.1 <=0.26.0) +5 more potentially affected by CVE-2017-9112 via openexr (>=1.3.2 <=1.3.9)

openexr PYPI version =1.3.2, =0.4.2, =0.20.1, =0.4.0, =1.5.0, =1.6.2, =1.6.5 Source cves: CVE-2017-9112 Source advisory: OSV:GHSA-8M57-J273-2QG9...

6.5CVSS6.8AI score0.01851EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2019:1962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.1AI score0.0331EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2020-1416)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.02001EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/10/08 12:0 a.m.30 views

Ubuntu 16.04 LTS / 18.04 LTS : OpenEXR vulnerabilities (USN-4148-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4148-1 advisory. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image...

8.8CVSS7.1AI score0.0331EPSS
Exploits2References9
Ubuntu
Ubuntu
added 2019/10/07 11:22 a.m.120 views

USN-4148-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-12596...

8.8CVSS7AI score0.0331EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.37 views

SUSE SLED12 / SLES12 Security Update : openexr (SUSE-SU-2019:1962-1)

This update for openexr fixes the following issues : Security issue fixed : CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h bsc1040109. CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp...

8.8CVSS6.5AI score0.0331EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.34 views

Fedora 26 : mingw-OpenEXR (2018-f5d2f4ec0d)

This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

8.8CVSS6.7AI score0.0331EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.36 views

Fedora 27 : mingw-OpenEXR (2018-b152c791cc)

This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...

8.8CVSS6.7AI score0.0331EPSS
Exploits1References9
OpenVAS
OpenVAS
added 2018/02/28 12:0 a.m.33 views

Fedora Update for mingw-OpenEXR FEDORA-2018-f5d2f4ec0d

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.5AI score0.0331EPSS
Exploits1References2
OSV
OSV
added 2018/01/03 2:22 p.m.8 views

MGASA-2018-0032 Updated OpenEXR packages fix security vulnerability

In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...

6.5CVSS6.5AI score0.01851EPSS
Exploits0References3
Mageia
Mageia
added 2018/01/03 2:22 p.m.33 views

Updated OpenEXR packages fix security vulnerability

In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...

6.5CVSS1.9AI score0.01851EPSS
Exploits0References2
Slackware Linux
Slackware Linux
added 2017/10/01 8:31 p.m.45 views

[slackware-security] openexr

New openexr packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openexr-2.2.0-i586-2slack14.2.txz: Rebuilt. Patched bugs that may lead to program crashes or possibly execution of arbitrary code...

8.8CVSS8.3AI score0.0331EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/05/25 12:49 p.m.33 views

CVE-2017-9112

In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...

6.5CVSS2.4AI score0.01851EPSS
Exploits0References1
OSV
OSV
added 2017/05/21 6:29 p.m.2 views

UBUNTU-CVE-2017-9112

In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...

6.5CVSS6.9AI score0.01851EPSS
Exploits0References4
CVE
CVE
added 2017/05/21 6:0 p.m.120 views

CVE-2017-9112

OpenEXR 2.2.0 is affected by CVE-2017-9112 due to an invalid read of size 1 in the getBits function (ImfHuf.cpp), which could cause a crash. The vulnerability details are documented across multiple sources (OpenEXR issue/PR references and Debian/Ubuntu advisories). A fix is available in OpenEXR 2...

6.5CVSS6.2AI score0.01851EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/05/21 6:0 p.m.24 views

CVE-2017-9112

In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...

6.5CVSS7.5AI score0.01851EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/05/21 6:0 p.m.37 views

CVE-2017-9112

In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...

6.5CVSS6.9AI score0.01851EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/01/12 12:0 a.m.39 views

OpenEXR -- multiple remote code execution and denial of service vulnerabilities

Brandon Perry reports: There is a zip file of EXR images that cause segmentation faults in the OpenEXR library tested against 2.2.0. CVE-2017-9110 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. CVE-2017-9111 In OpenEXR...

8.8CVSS1.5AI score0.0331EPSS
Exploits0References2
Rows per page
Query Builder