PT-2025-31585 · Openexr · Openexr

Name of the Vulnerable Software and Affected Versions: OpenEXR versions 3.3.0 through 3.3.2 Description: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. A heap-based buffer overflow occurs during a...

The vulnerability of the B44Compressor component of the image storage software for OpenEXR, which has a wide dynamic range of brightness levels, allows a hacker to trigger a service failure.

The vulnerability of the B44Compressor component of the OpenEXR image storage software, which handles images with wide dynamic range of brightness, is related to buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created...

Advisory ROSA-SA-2023-2248

software: openexr 2.5.8 OS: ROSA-CHROME packageevrstring: openexr-2.5.8-1.src.rpm CVE-ID: CVE-2021-3477 BDU-ID: 2021-01977 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the DeepTiledInputFile::initialize function src/lib/OpenEXR/ImfDeepTiledInputFile.cpp of the OpenEXR library is related to...

The vulnerability in the ImfMisc.cpp library of software for storing images in OpenEXR format, which has a wide dynamic range of brightness levels, arises from writing beyond the buffer boundaries. This allows an attacker to cause a service failure.

The vulnerability in the ImfMisc.cpp library of the OpenEXR image storage software lies in the handling of operations that exceed the allowable buffer data size. Exploiting this vulnerability could allow an attacker to cause a service failure...