Lucene search
+L

338 matches found

rocky
rocky
added 2 days ago7 views

openexr security update

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file format...

9.1CVSS6.4AI score0.00465EPSS
Exploits2
osv
osv
added 2 days ago3 views

RLSA-2026:38498 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.4AI score0.00465EPSS
Exploits2References3
redhat
redhat
added 3 days ago5 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
redhat
redhat
added 3 days ago5 views

Important: Red Hat Security Advisory: openexr security update

An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.1CVSS6.4AI score0.00465EPSS
Exploits2References3
redhat
redhat
added 3 days ago5 views

OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS6.1AI score0.00465EPSS
Exploits1References5
nessus
nessus
added 2026/06/20 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-44663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11...

7.1CVSS5.9AI score0.00262EPSS
Exploits2References4
redhatcve
redhatcve
added 2026/06/19 2:50 p.m.10 views

CVE-2026-45696

A flaw was found in the OpenEXR image library. If an application opens a maliciously crafted EXR image file, it triggers a memory error. An attacker can use this to crash the application—causing a denial of service DoS—and potentially view sensitive information from the application's memory. Any...

8.3CVSS5.8AI score0.00263EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/06/19 2:2 p.m.11 views

CVE-2026-44663

A security flaw has been identified in OpenEXR, a widely used image format library, which may impact applications processing certain high-resolution image files. Mitigation To mitigate this issue, avoid processing untrusted HTJ2K-compressed EXR files. Restricting the handling of such files to...

7.1CVSS5.7AI score0.00199EPSS
Exploits1References5
snyk
snyk
added 2026/06/18 10:13 p.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the htundoimpl function. An attacker can cause a crash and potentially leak adjacent heap memory by supplying a crafted EXR file with mismatched channel width and buffer length. Remediation Upgrade openexr...

8.3CVSS6.1AI score0.00263EPSS
Exploits1References2
osv
osv
added 2026/06/18 9:16 p.m.9 views

DEBIAN-CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

6.5CVSS6AI score0.00263EPSS
Exploits1References1
nvd
nvd
added 2026/06/18 9:16 p.m.14 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS0.00263EPSS
Exploits1References5
osv
osv
added 2026/06/18 9:16 p.m.5 views

UBUNTU-CVE-2026-44663

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, an integer overflow in htundoimpl in src/lib/OpenEXRCore/internalht.cpp leads to a heap-buffer overflow when decoding a crafted...

7.1CVSS5.8AI score0.00199EPSS
Exploits1References5
snyk
snyk
added 2026/06/18 9:14 p.m.6 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the htundoimpl function when decoding a specially crafted HTJ2K-compressed EXR file. An attacker can cause a heap out-of-bounds write by supplying a file with a large decode-channelsi.width value that...

7.1CVSS5.9AI score0.00199EPSS
Exploits1References2
debiancve
debiancve
added 2026/06/18 8:31 p.m.10 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS6AI score0.00263EPSS
Exploits1
redhatcve
redhatcve
added 2026/06/05 1:58 p.m.13 views

CVE-2026-42216

A flaw was found in OpenEXR. A remote attacker could exploit a vulnerability in the IDManifest::init function when processing specially crafted EXR files. The function attempts to reconstruct strings from a prefix-compressed representation. If a previous string exceeds 255 bytes, the subsequent...

9.1CVSS5.7AI score0.00465EPSS
Exploits1References4
osv
osv
added 2026/05/29 4:3 p.m.11 views

RLSA-2026:19146 Important: openexr security update

OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fixes:...

8.8CVSS6.2AI score0.00482EPSS
Exploits1References2
osv
osv
added 2026/05/22 1:17 p.m.13 views

OESA-2026-2364 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

9.8CVSS5.9AI score0.00465EPSS
Exploits3References4
redhat
redhat
added 2026/05/20 11:15 a.m.14 views

OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

A flaw was found in OpenEXR, an image storage format for the motion picture industry. A remote attacker could exploit an integer overflow vulnerability in the internalexrundopiz function by providing a specially crafted EXR file. This flaw leads to out-of-bounds reads and writes, which may allow...

8.8CVSS6.3AI score0.00482EPSS
Exploits1References5
rocky
rocky
added 2026/05/20 6:3 a.m.17 views

openexr security update

An update is available for openexr. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenEXR is an open-source high-dynamic-range floating-point image file format...

8.8CVSS6.2AI score0.00482EPSS
Exploits1
astralinux
astralinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in ffmpeg

The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...

7.5CVSS7.5AI score0.02263EPSS
Exploits1References1
Rows per page
Query Builder