Lucene search
K

18 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEX...

5.5CVSS6.7AI score0.01EPSS
Exploits0References2
rosalinux
rosalinux
added 2023/10/17 12:58 p.m.42 views

Advisory ROSA-SA-2023-2248

software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-3477 BDU-ID: 2021-01977 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DeepTiledInputFile::initialize function src/lib/OpenEXR/ImfDeepTiledInputFile.cpp of the OpenEXR library is related to...

5.5CVSS8.2AI score0.01007EPSS
Exploits1
nessus
nessus
added 2023/09/08 12:0 a.m.31 views

Amazon Linux 2 : OpenEXR (ALAS-2023-2241)

The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2241 advisory. There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted...

5.5CVSS6.9AI score0.01EPSS
Exploits0References4
amazon
amazon
added 2023/09/05 12:0 a.m.26 views

Medium: OpenEXR

Issue Overview: There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability. CVE-2021-3479 Affected...

5.5CVSS5.9AI score0.01EPSS
Exploits0
debian
debian
added 2022/12/11 11:52 p.m.80 views

[SECURITY] [DLA 3236-1] openexr security update

Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...

7.5CVSS6.3AI score0.01848EPSS
Exploits5
nessus
nessus
added 2022/01/24 12:0 a.m.36 views

GLSA-202107-27 : OpenEXR: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-27 OpenEXR: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...

5.5CVSS6.4AI score0.01848EPSS
Exploits8References19
mageia
mageia
added 2021/07/10 12:56 p.m.48 views

Updated openexr packages fix security vulnerabilities

Updated openexr packages fix security vulnerabilities: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

8.8CVSS3AI score0.02291EPSS
Exploits1References5
debian
debian
added 2021/07/03 6:16 p.m.224 views

[SECURITY] [DLA 2701-1] openexr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2701-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler July 03, 2021 https://wiki.debian.org/LTS -...

5.5CVSS7.2AI score0.01848EPSS
Exploits2
nessus
nessus
added 2021/06/28 12:0 a.m.34 views

SUSE SLED12: libIlmImf-Imf_2_1-21 / libIlmImf-Imf_2_1-21-32bit / openexr / etc (SUSE-SU-2021:2159-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2159-1 advisory. - Fixed CVE-2021-3479 bsc1184354: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605...

5.5CVSS6.7AI score0.01007EPSS
Exploits1References10
openvas
openvas
added 2021/06/25 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2021:2159-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.3AI score0.01007EPSS
Exploits1References6
osv
osv
added 2021/06/24 1:42 p.m.6 views

SUSE-SU-2021:2159-1 Security update for openexr

This update for openexr fixes the following issues: - Fixed CVE-2021-3479 bsc1184354: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Heap buffer overflow in...

5.5CVSS6.1AI score0.01007EPSS
Exploits1References7
openvas
openvas
added 2021/06/23 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2021:14757-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.2AI score0.01007EPSS
Exploits0References5
openvas
openvas
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:1489-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.3AI score0.01747EPSS
Exploits0References2
nessus
nessus
added 2021/05/18 12:0 a.m.37 views

openSUSE Security Update : openexr (openSUSE-2021-670)

This update for openexr fixes the following issues : - CVE-2021-23215: Fixed an integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185216. - CVE-2021-26260: Fixed an Integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185217. - CVE-2021-20296: Fixed a NULL pointer dereference...

5.5CVSS6.4AI score0.01747EPSS
Exploits0References10
cloudfoundry
cloudfoundry
added 2021/04/29 12:0 a.m.42 views

USN-4900-1: OpenEXR vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or...

5.5CVSS6.8AI score0.01848EPSS
Exploits0Affected Software2
ubuntucve
ubuntucve
added 2021/03/31 2:15 p.m.38 views

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

5.5CVSS6.8AI score0.01EPSS
Exploits0References2
cve
cve
added 2021/03/31 12:0 a.m.243 views

CVE-2021-3479

CVE-2021-3479 is a vulnerability in OpenEXR’s Scanline API. The flaw affects OpenEXR versions prior to 3.0.0-beta where processing a crafted EXR file can trigger excessive memory consumption, resulting in a denial of service (system availability impact). Connected advisories confirm real-world re...

5.5CVSS5.4AI score0.01EPSS
Exploits0References5Affected Software1
nessus
nessus
added 2021/02/16 12:0 a.m.33 views

FreeBSD : openexr, ilmbase -- security fixes related to reading corrupted input files (98044aba-6d72-11eb-aed7-1b1b8a70cc8b)

Cary Phillips reports : Patch release with various bug/sanitizer/security fixes, primarily related to reading corrupted input files.... C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021...

5.5CVSS6.2AI score0.01848EPSS
Exploits0References10
Rows per page
Query Builder