USN-8259-1: OpenEXR vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

USN-8259-1 openexr vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

OESA-2026-1689 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

OESA-2026-1687 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via undozipimpl function during a write operation when decompressing ZIPS-packed deep scan-line EXR files. An attacker can write arbitrary data to the heap and potentially execute code by supplying a specially...

Heap-based Buffer Overflow

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Heap-based Buffer Overflow via undozipimpl function during a write operation when decompressing ZIPS-packed deep scan-line EXR files. An attacker can write arbitrary data to...

OESA-2021-1268 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a craft...

The vulnerability of the DeepScanLineInputFile() function in software for storing images with wide dynamic range brightness in OpenEXR, related to memory usage after deallocation, allows a hacker to cause a service failure.

The vulnerability of the DeepScanLineInputFile function in software for storing images in OpenEXR format with a wide dynamic range of brightness levels is related to the use of memory areas after they are freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

DEBIAN-CVE-2021-3598

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...

AZL-44481 CVE-2020-15305 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile in IlmImf/ImfDeepScanLineInputFile.cpp...