21 matches found

Snyk
added 2026/04/08 3:9 p.m., 5 views

Out-of-bounds Write

Overview: OpenEXR is a Python binding for the OpenEXR image file format. Affected versions of this package are vulnerable to Out-of-bounds Write through the LossyDctDecoder_execute process. An attacker can cause a crash or denial of service by providing a crafted scanline DWAA file that triggers an...

8.8 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 1, References: 3
Snyk
added 2026/04/08 3:9 p.m., 2 views

Out-of-bounds Write

Overview: Affected versions of this package are vulnerable to Out-of-bounds Write through the LossyDctDecoder_execute process. An attacker can cause a crash or denial of service by providing a crafted scanline DWAA file that triggers an integer overflow, resulting in a heap out-of-bounds write duri...

8.8 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 1, References: 3
Tenable Nessus
added 2025/10/08 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-59731

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate...

6.9 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 2
NVD
added 2025/10/06 8:15 a.m., 2 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7 CVSS, 0.00022 EPSS
Exploits: 0, References: 1
OSV
added 2025/10/06 8:15 a.m., 1 view

DEBIAN-CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7 CVSS, 5.9 AI score, 0.00019 EPSS
Exploits: 0, References: 1
OSV
added 2025/10/06 8:15 a.m., 0 views

UBUNTU-CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rle_raw_size from the input file at 0, we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size a...

6.9 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 4
Debian CVE
added 2025/10/06 8:9 a.m., 4 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7 CVSS, 5.9 AI score, 0.00022 EPSS
Exploits: 0
Cvelist
added 2025/10/06 8:9 a.m., 4 views

CVE-2025-59732 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7 CVSS, 0.00019 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/10/06 8:9 a.m., 1 view

CVE-2025-59732 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7 CVSS, 6.8 AI score, 0.00019 EPSS
Exploits: 0, References: 1
AlpineLinux
added 2025/10/06 8:9 a.m., 2 views

CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7 CVSS, 7.2 AI score, 0.00019 EPSS
Exploits: 0
Debian CVE
added 2025/10/06 8:9 a.m., 4 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rle_raw_size from the input file at 0, we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size a...

6.9 CVSS, 5.8 AI score, 0.00019 EPSS
Exploits: 0
Vulnrichment
added 2025/10/06 8:9 a.m., 1 view

CVE-2025-59731 Heap-buffer-overflow write in FFmpeg EXR dwa_uncompress

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rle_raw_size from the input file at 0, we decompress and decode into the buffer td->rle_raw_data of size rle_raw_size a...

6.9 CVSS, 6.6 AI score, 0.00019 EPSS
Exploits: 0, References: 1
CVE
added 2025/10/06 8:9 a.m., 9 views

CVE-2025-59731

OpenEXR/FFmpeg CVE-2025-59731 describes a vulnerability in DWAA/DWAB run-length decoding where the rle_raw_size is not checked when calculating output data. The decoder reads rle_raw_size, decompresses into td->rle_raw_data, and may access entries up to (td->xsize-1)*(td->ysize-1) + rle_...

6.9 CVSS, 6.6 AI score, 0.00019 EPSS
Exploits: 0, References: 1
CNVD
added 2025/08/11 12:0 a.m., 2 views

OpenEXR Buffer Overflow Vulnerability (CNVD-2025-24798)

OpenEXR is an open standard for high dynamic range (HDR) image file formats. A buffer overflow vulnerability exists in OpenEXR version 3.3.2, which stems from incorrect pointer arithmetic leading to an out-of-bounds read operation when decompressing a DWAA compressed scanline EXR file with...

9.1 CVSS, 7.7 AI score, 0.00459 EPSS
Exploits: 1, References: 1
SUSE CVE
added 2025/08/04 11:22 p.m., 1 view

SUSE CVE-2025-48072

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

6.1 CVSS, 7.2 AI score, 0.00459 EPSS
Exploits: 1, References: 3
AlpineLinux
added 2025/07/31 8:18 p.m., 2 views

CVE-2025-48072

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

9.1 CVSS, 7.6 AI score, 0.00459 EPSS
Exploits: 1
OSV
added 2025/07/31 7:20 p.m., 2 views

GHSA-4R7W-Q3JG-FF43 OpenEXR Out of Bounds Heap Read due to Bad Pointer Arithmetic in LossyDctDecoder_execute

Summary: The OpenEXRCore code is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. Details: In the LossyDctDecoder_execute function from...

6.8 CVSS, 7.2 AI score, 0.00459 EPSS
Exploits: 1, References: 6
Positive Technologies
added 2025/07/31 12:0 a.m., 2 views

PT-2025-31587 · Openexr +1

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.3.3. Description: OpenEXR, an image storage format used in the motion picture industry, contains a flaw. A heap-based buffer overflow can occur during a read operation when decompressing DWAA-packed scan-line EXR...

9.1 CVSS, 6.5 AI score, 0.00459 EPSS
Exploits: 1, References: 20
CNNVD
added 2025/07/31 12:0 a.m., 1 view

OpenEXR Buffer Error Vulnerability

OpenEXR is an open standard for high dynamic range (HDR) image file formats. A buffer overflow vulnerability exists in OpenEXR version 3.3.2, which stems from incorrect pointer arithmetic leading to an out-of-bounds read operation when decompressing a DWAA compressed scanline EXR file with...

9.1 CVSS, 7.6 AI score, 0.00459 EPSS
Exploits: 1, References: 3
Veracode
added 2025/05/20 6:34 a.m., 2 views

Heap Based Buffer Overflow

openexr is vulnerable to a heap-based buffer overflow. The vulnerability is due to bad pointer math during decompression of DWAA-packed scan-line EXR files with a maliciously forged chunk, which allows an attacker to trigger memory corruption and potentially execute arbitrary code...

9.1 CVSS, 6.9 AI score, 0.00459 EPSS
Exploits: 1, References: 6, Affected Software: 1