27 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked wi...
Advisory ROSA-SA-2023-2248
software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-3477 BDU-ID: 2021-01977 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DeepTiledInputFile::initialize function src/lib/OpenEXR/ImfDeepTiledInputFile.cpp of the OpenEXR library is related to...
Ubuntu: Security Advisory (USN-5620-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3236-1] openexr security update
Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...
Debian DSA-5299-1 : openexr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5299 advisory. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound read...
[SECURITY] [DSA 5299-1] openexr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5299-1 [email protected] https://www.debian.org/security/ Markus Koschany December 10, 2022 https://www.debian.org/security/faq -...
GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...
USN-5620-1: OpenEXR vulnerabilities
It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. CVE-2021-3598,...
EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2022-1750)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1750)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2022-1544)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1544)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3605
CVE-2021-3605 describes a flaw in OpenEXR's rleUncompress function in versions prior to 3.0.5 that could allow an attacker to submit a crafted file to an application linked with OpenEXR, causing an out-of-bounds read with the greatest impact on availability. Multiple connected sources confirm the...
openSUSE: Security Advisory for openexr (openSUSE-SU-2021:2158-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:2158-1 Security update for openexr
This update for openexr fixes the following issues: - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Heap buffer overflow in Imf31:CharPtrIO:readChars...
Updated openexr packages fix security vulnerabilities
Updated openexr packages fix security vulnerabilities: It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
USN-4996-1: OpenEXR vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or...
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:2158-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2158-1 advisory. - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Hea...
SUSE SLED12: libIlmImf-Imf_2_1-21 / libIlmImf-Imf_2_1-21-32bit / openexr / etc (SUSE-SU-2021:2159-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2159-1 advisory. - Fixed CVE-2021-3479 bsc1184354: Out-of-memory caused by allocation of a very large buffer - Fixed CVE-2021-3605...
openSUSE 15 Security Update : openexr (openSUSE-SU-2021:0925-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:0925-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...