Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLi...

5.5CVSS6.7AI score0.00849EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2023/10/17 12:58 p.m.42 views

Advisory ROSA-SA-2023-2248

software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-3477 BDU-ID: 2021-01977 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DeepTiledInputFile::initialize function src/lib/OpenEXR/ImfDeepTiledInputFile.cpp of the OpenEXR library is related to...

5.5CVSS8.2AI score0.01007EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.27 views

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2023-022)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-022 advisory. 2024-02-15: CVE-2021-20304 was added to this advisory. A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR...

7.5CVSS6.4AI score0.01508EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-5620-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.01747EPSS
Exploits1References2
Debian
Debian
added 2022/12/11 11:52 p.m.86 views

[SECURITY] [DLA 3236-1] openexr security update

Debian LTS Advisory DLA-3236-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 12, 2022 https://wiki.debian.org/LTS Package : openexr Version : 2.2.1-4.1+deb10u2 CVE ID : CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 CVE-2021-3474 CVE-2021-3475 CVE-2021-34...

7.5CVSS6.3AI score0.01848EPSS
Exploits5
Debian
Debian
added 2022/12/10 4:27 p.m.95 views

[SECURITY] [DSA 5299-1] openexr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5299-1 [email protected] https://www.debian.org/security/ Markus Koschany December 10, 2022 https://www.debian.org/security/faq -...

6.5CVSS7AI score0.01772EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.36 views

GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...

8.8CVSS7.3AI score0.02291EPSS
Exploits3References14
Ubuntu
Ubuntu
added 2022/09/20 12:52 p.m.281 views

USN-5620-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. These issues only affected Ubuntu 20.04 ESM. CVE-2021-3598,...

6.5CVSS6.8AI score0.01747EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/09/07 12:0 a.m.40 views

Amazon Linux 2022 : openexr, openexr-devel, openexr-libs (ALAS2022-2022-061)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-061 advisory. An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet is less than 64 bits. This issue could cause an invalid bytesPerLine and maxBytesPerLine value, whic...

6.5CVSS6.5AI score0.00849EPSS
Exploits0References5
NVD
NVD
added 2022/03/25 7:15 p.m.23 views

CVE-2021-3933

An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...

5.5CVSS0.00849EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/03/25 12:0 a.m.36 views

CVE-2021-3933

An integer overflow could occur when OpenEXR processes a crafted file on systems where sizet 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths...

6.4AI score0.00849EPSS
Exploits0References5
CVE
CVE
added 2022/03/25 12:0 a.m.211 views

CVE-2021-3933

OpenEXR CVE-2021-3933: an integer overflow can occur when processing crafted images on platforms where size_t

5.5CVSS5.9AI score0.00849EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2021/12/07 12:0 a.m.23 views

openSUSE: Security Advisory for openexr (openSUSE-SU-2021:1537-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.4AI score0.00849EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/12/07 12:0 a.m.40 views

openSUSE 15 Security Update : openexr (openSUSE-SU-2021:1537-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1537-1 advisory. - In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y /...

6.5CVSS6.6AI score0.00849EPSS
Exploits0References7
OSV
OSV
added 2021/12/06 1:6 p.m.5 views

OPENSUSE-SU-2021:1537-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-3941: Fixed divide-by-zero in Imf31:RGBtoXYZ bsc1192556. - CVE-2021-3933: Fixed integer-overflow in Imf31:bytesPerDeepLineTable bsc1192498. This update was imported from the SUSE:SLE-15:Update update project...

6.5CVSS5.9AI score0.00849EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2021/12/06 12:0 a.m.34 views

Security update for openexr (moderate)

openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2021:1537-1 Rating: moderate References: 1192498 1192556 Cross-References: CVE-2021-3933 CVE-2021-3941 CVSS scores: CVE-2021-3933 SUSE: 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3941 SUSE: 5.5...

5.5CVSS6.9AI score0.00849EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/12/02 12:0 a.m.31 views

openSUSE: Security Advisory for openexr (openSUSE-SU-2021:3844-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.4AI score0.00849EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/12/02 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2021:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.0096EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/12/02 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:3844-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.00849EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/12/02 12:0 a.m.40 views

SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:3844-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3844-1 advisory. - CVE-2021-3941: Fixed divide-by-zero in Imf31:RGBtoXYZ bsc1192556. - CVE-2021-3933: Fixed integer-overflow in...

6.5CVSS6.7AI score0.00849EPSS
Exploits0References7
Rows per page
Query Builder