
19 matches found

RedHat Linux
added 2026/04/30 3:26 p.m. | 4 views

Important: Red Hat Security Advisory: OpenEXR security update

An update for OpenEXR is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

8.4 CVSS | 6.1 AI score | 0.00023 EPSS
Exploits 2 | References 2

CNNVD
added 2026/04/21 12:0 a.m. | 5 views

OpenEXR Input Validation Error Vulnerability

OpenEXR is an open standard for high dynamic range image HDR file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9, 3.3.0 to 3.3.9, and 3.2.0 to 3.2.7 of OpenEXR contain an input validation vulnerability. This vulnerability stems from line 1040 of...

8.4 CVSS | 5.9 AI score | 0.00033 EPSS
Exploits 0 | References 1

Snyk
added 2026/03/09 9:48 p.m. | 3 views

Out-of-bounds Read

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.5 CVSS | 6 AI score | 0.00017 EPSS
Exploits 0 | References 2

SUSE CVE
added 2026/02/25 12:24 a.m. | 2 views

SUSE CVE-2026-25898

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...

6.5 CVSS | 6 AI score | 0.00022 EPSS
Exploits 0 | References 6

AlpineLinux
added 2026/02/24 1:18 a.m. | 2 views

CVE-2026-25898

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...

9.1 CVSS | 5.9 AI score | 0.00022 EPSS
Exploits 0

Snyk
added 2026/02/24 12:53 a.m. | 4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.2 CVSS | 6.2 AI score | 0.00019 EPSS
Exploits 0 | References 2

Snyk
added 2026/02/24 12:38 a.m. | 3 views

Heap-based Buffer Overflow

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.9 CVSS | 5.6 AI score | 0.00006 EPSS
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-1787

Malware in sbrugna...

9.8 CVSS | 9.2 AI score | 0.02203 EPSS
Exploits 0 | References 5

RedhatCVE
added 2025/05/22 5:30 a.m. | 5 views

CVE-2019-16138

An issue was discovered in the image crate before 0.21.3 for Rust, affecting the HDR image format decoder. Vec::set_len is called on an uninitialized vector, leading to a use-after-free and arbitrary code execution...

9.8 CVSS | 7.3 AI score | 0.02203 EPSS
Exploits 0 | References 1

OSV
added 2024/03/20 6:15 a.m. | 5 views

CVE-2024-28579

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload function when reading images in HDR format...

6.2 CVSS | 6.1 AI score
Exploits 0 | References 1

OSV
added 2021/08/25 8:44 p.m. | 12 views

GHSA-M2PF-HPRP-3VQM Use after free in image

Affected versions of this crate would call Vec::set_len on an uninitialized vector with user-provided type parameter, in an interface of the HDR image format decoder. They would then also call other code that could panic before initializing all instances. This could run Drop implementations on...

9.8 CVSS | 9.6 AI score | 0.02203 EPSS
Exploits 0 | References 4

Github Security Blog
added 2021/08/25 8:44 p.m. | 22 views

Use after free in image

Affected versions of this crate would call Vec::set_len on an uninitialized vector with user-provided type parameter, in an interface of the HDR image format decoder. They would then also call other code that could panic before initializing all instances. This could run Drop implementations on...

9.8 CVSS | 9.2 AI score | 0.02203 EPSS
Exploits 0 | References 4 | Affected Software 1

Debian
added 2021/08/04 7:53 p.m. | 109 views

[SECURITY] [DLA 2732-1] openexr security update

Debian LTS Advisory DLA-2732-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler August 04, 2021 https://wiki.debian.org/LTS...

7.5 CVSS | 7.7 AI score | 0.01029 EPSS
Exploits 0

Tenable Nessus
added 2020/05/26 12:0 a.m. | 36 views

EulerOS 2.0 SP8 : OpenEXR (EulerOS-SA-2020-1584)

According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - OpenEXR is a high dynamic-range HDR image file format developed by Industrial Light & Magic for use in computer imaging applications. This packa...

8.8 CVSS | 7.7 AI score | 0.02756 EPSS
Exploits 1 | References 10

CNVD
added 2020/04/15 12:0 a.m. | 1 views

Industrial Light and Magic OpenEXR Out-of-Bounds Read Vulnerability (CNVD-2020-24151)

Industrial Light and Magic LIM OpenEXR is an image file format from Industrial Light and Magic LIM, USA, for high dynamic range HDR images. An out-of-bounds read vulnerability exists in the ImfOptimizedPixelReading.h file in LIM OpenEXR versions prior to 2.4.1, which can be exploited by an attack...

5.5 CVSS | 7.3 AI score | 0.00576 EPSS
Exploits 1 | References 1

Cvelist
added 2019/09/09 11:49 a.m. | 10 views

CVE-2019-16138

An issue was discovered in the image crate before 0.21.3 for Rust, affecting the HDR image format decoder. Vec::set_len is called on an uninitialized vector, leading to a use-after-free and arbitrary code execution...

9.8 AI score | 0.02203 EPSS
Exploits 0 | References 2

Fedora
added 2017/09/19 3:25 p.m. | 28 views

[SECURITY] Fedora 25 Update: pfstools-2.0.6-3.fc25

pfstools is a set of command line programs for reading, writing, manipulating and viewing high-dynamic range HDR images and video frames. All programs in the package exchange data using unix pipes and a simple generic HDR image format pfs. The concept of the pfstools is similar to netpbm package...

8.8 CVSS | 0.8 AI score | 0.03601 EPSS
Exploits 1

OSV
added 2015/12/31 12:0 a.m. | 1 views

UBUNTU-CVE-2015-8900

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file...

5.5 CVSS | 6.8 AI score | 0.00222 EPSS
Exploits 1 | References 5

securityvulns
added 2008/05/06 12:0 a.m. | 48 views

[SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution

Debian Security Advisory DSA-1567-1 [email protected] http://www.debian.org/security/ Devin Carraway May 05, 2008 http://www.debian.org/security/faq...

6.8 CVSS | 0.8 AI score | 0.05407 EPSS
Exploits 1