Lucene search
K

5 matches found

Cvelist
Cvelist
added 2026/06/18 8:31 p.m.20 views

CVE-2026-45696 OpenEXR HTJ2K decoder heap buffer over-read in ht_undo_impl() (DoS)

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS0.00263EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/06/18 8:31 p.m.7 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS6AI score0.00263EPSS
Exploits1
CVE
CVE
added 2026/06/18 8:20 p.m.24 views

CVE-2026-44663

OpenEXR CVE-2026-44663 is a heap-buffer overflow in the HTJ2K decoder (ht_undo_impl) caused by 32-bit signed overflow when multiplying decode->channels[i].width by bytes_per_element during HTJ2K decoding. This occurs in OpenEXR 3.4.0–3.4.11 and can lead to a heap out-of-bounds write when handl...

7.1CVSS5.2AI score0.00199EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.3 views

Python Library OpenEXR 3.4.x < 3.4.7 Heap Buffer Overflow (OOB Read)

The version of the OpenEXR Python package installed on the remote host is 3.4.x prior to 3.4.7. It is, therefore, affected by a heap buffer overflow vulnerability: - A heap-buffer-overflow out-of-bounds read occurs in the the HTJ2K decoder in OpenEXR when copying decompressed samples from OpenJPH...

8.8CVSS6.2AI score0.00611EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/01 8:51 p.m.2 views

CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4CVSS6.5AI score0.00611EPSS
Exploits1References3
Rows per page
Query Builder