20 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could...
Debian dla-3236 : libopenexr-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3236-1 [email protected]...
[SECURITY] [DLA 3236-1] openexr security update
Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...
EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2022-1750)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1750)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2022-1544)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1544)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202107-27 : OpenEXR: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202107-27 OpenEXR: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
Updated openexr packages fix security vulnerabilities
Updated openexr packages fix security vulnerabilities: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
[SECURITY] [DLA 2701-1] openexr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2701-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler July 03, 2021 https://wiki.debian.org/LTS -...
USN-4900-1: OpenEXR vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or...
openSUSE: Security Advisory for openexr (openSUSE-SU-2021:0536-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : openexr (openSUSE-2021-536)
This update for openexr fixes the following issues : - CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 - CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 - CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 This update was importe...
OPENSUSE-SU-2021:0536-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 - CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 - CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 This update was imported...
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:1097-1)
This update for openexr fixes the following issues : CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 Note that Tenable Network...
SUSE-SU-2021:1097-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 - CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 - CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172...
CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...
CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...
CVE-2021-3476
OpenEXR CVE-2021-3476 affects the B44 uncompression in OpenEXR prior to 3.0.0-beta. A crafted EXR file can trigger shift overflows, potentially causing denial of service and affecting availability. The provided documents consistently describe this as a vulnerability in the OpenEXR library (B44 un...
FreeBSD : openexr, ilmbase -- security fixes related to reading corrupted input files (98044aba-6d72-11eb-aed7-1b1b8a70cc8b)
Cary Phillips reports : Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files.... C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021...