20 matches found
SUSE CVE-2026-43996
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
Linux Distros Unpatched Vulnerability : CVE-2026-43996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper bounds checking in the decodepixel process. An attacker can trigger an out-of-bounds read by supplying a specially crafted TGA paletted image that causes integer wraparound during palette index...
DEBIAN-CVE-2026-43996
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
CVE-2026-43996
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
UBUNTU-CVE-2026-43996
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
CVE-2026-43996 OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...
OpenImageIO 缓冲区错误漏洞
OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO prior to 3.0.18.0 and 3.1.13.0 contained a buffer error vulnerability. This vulnerability stemmed from...
Linux Distros Unpatched Vulnerability : CVE-2018-12687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. CVE-2018-12687 Note that Nessus relies on the presence of the package as reported by the...
SUSE CVE-2023-22845
An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
DEBIAN-CVE-2023-22845
An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
UBUNTU-CVE-2023-22845
An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2023-22845
An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow. In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. Remediation Upgrade tinyexr to version 1.0.6 or higher. References - GitHub Issue...
UBUNTU-CVE-2022-34300
In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData...
The vulnerability of the tinyexr::DecodePixelData function in the tinyexr.h component of the OpenEXR Tinyexr processing library allows a attacker to cause a service failure.
The vulnerability of the tinyexr::DecodePixelData function in the tinyexr.h component of the OpenEXR processing library involves integer overflow. Exploiting this vulnerability allows a malicious actor to cause service interruptions...
Industrial Light And Magic(lim) OpenEXR 输入验证错误漏洞
Industrial Light And Magic lim OpenEXR is an image file format for high dynamic range HDR images from Industrial Light and Magic LIM Industrial Light And Magic lim, USA. A security vulnerability exists in OpenEXR version 0.9.5, which stems from an integer overflow override in...
UBUNTU-CVE-2018-12687
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...
tinyexr buffer overflow vulnerability (CNVD-2018-14428)
tinyexr is a small OpenEXR image load/save library. A buffer overflow vulnerability exists in the 'tinyexr::DecodePixelData' function of the tinyexr.h file in version 0.9.5 of tinyexr. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. Remediation There is no fixed version for tinyexr. References - GitHub Issue...