11 matches found
Debian DSA-5299-1 : openexr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5299 advisory. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound read...
OESA-2022-1639 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light and Magic for use in computer imaging applications. Security Fixes: OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from...
SUSE SLED12 / SLES12 Security Update : openexr (SUSE-SU-2022:0061-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0061-1 advisory. - OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from...
CVE-2021-45942
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...
CVE-2021-45942
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...
Heap overflow
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...
CVE-2021-45942
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...
CVE-2021-45942
CVE-2021-45942 affects OpenEXR 3.1.x prior to 3.1.4. The issue is a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute, triggered when called from the IlmThread_3_1 thread pool (NullThreadPoolProvider::addTask / ThreadPool::addGlobalTask). The public description notes this vulnerab...
CVE-2021-45942
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf31::LineCompositeTask::execute called from IlmThread31::NullThreadPoolProvider::addTask and IlmThread31::ThreadPool::addGlobalTask. NOTE: db217f2 may be inapplicable...
OSV-2021-1627 Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416 Crash type: Heap-buffer-overflow WRITE 2 Crash state: Imf31::LineCompositeTask::execute IlmThread31::NullThreadPoolProvider::addTask IlmThread31::ThreadPool::addGlobalTask...
OpenEXR -- Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute
Cary Phillips reports: OpenEXR Version 3.1.4 is a patch release that ... addresses one public security vulnerability: CVE-2021-45942 Heap-buffer-overflow in Imf31::LineCompositeTask::execute and several specific OSS-fuzz issues...