12 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-16587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that ca...
RHEL 6 : openexr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...
Debian dla-3236 : libopenexr-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3236-1 [email protected]...
[SECURITY] [DLA 3236-1] openexr security update
Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...
[SECURITY] [DLA 2701-1] openexr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2701-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler July 03, 2021 https://wiki.debian.org/LTS -...
CVE-2020-16587
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...
USN-4676-1: OpenEXR vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or...
openSUSE Security Update : openexr (openSUSE-2020-2349)
This update for openexr fixes the following issues : Security issues fixed : - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. - CVE-2020-16588: Fixed a NULL pointer deference in generatePreview bsc1179879. - CVE-2020-16589:...
openSUSE Security Update : openexr (openSUSE-2020-2351)
This update for openexr fixes the following issues : Security issues fixed : - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. - CVE-2020-16588: Fixed a NULL pointer deference in generatePreview bsc1179879. - CVE-2020-16589:...
OPENSUSE-SU-2020:2351-1 Security update for openexr
This update for openexr fixes the following issues: Security issues fixed: - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. - CVE-2020-16588: Fixed a null pointer deference in generatePreview bsc1179879. - CVE-2020-16589:...
CVE-2020-16587
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...
CVE-2020-16587
OpenEXR 2.3.0 (ImfMultiPartInputFile.cpp, chunkOffsetReconstruction) contains a heap-based buffer overflow that can cause a denial of service when processing a crafted EXR file. Public advisories (e.g., Debian DLA/OpenEXR entries) list CVE-2020-16587 among affected issues and document patched ver...