RHSA-2026:19359 Red Hat Security Advisory: openexr security update

Bulletin has no description...

OESA-2026-1844 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light Magic for use in computer imaging applications. Security Fixes: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture...

EUVD-2020-4105

Malware in sbrugna...

EUVD-2020-4103

Malware in sbrugna...

EUVD-2021-13077

Malware in sbrugna...

EUVD-2021-7721

Malicious code in bioql PyPI...

CVE-2025-53009

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stac...

CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

GHSA-QHPM-86V7-PHMM OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode

Summary When reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. Details In the ScanLineProcess::runfill function, implemented in...

DLA-3236-1 openexr - security update

Bulletin has no description...

DSA-5299-1 openexr - security update

Bulletin has no description...

OPENSUSE-SU-2022:0062-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-45942: Fixed heap-based buffer overflow in Imf31:LineCompositeTask:execute. bsc1194333...

SUSE-SU-2021:14846-1 Security update for OpenEXR

This update for OpenEXR fixes the following issues: - CVE-2021-20298: Fixed out-of-memory in B44Compressor bsc1188460. - CVE-2021-20300: Fixed integer-overflow in Imf25:hufUncompress bsc1188458. - CVE-2021-20303: Fixed heap-buffer-overflow in Imf25::copyIntoFrameBuffe bsc1188457. - CVE-2021-20304...

SUSE-SU-2021:3843-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-3477: Fixed Heap-buffer-overflow in Imf25::DeepTiledInputFile::readPixelSampleCounts bsc1184353. - CVE-2021-3941: Fixed divide-by-zero in Imf31:RGBtoXYZ bsc1192556. - CVE-2021-3933: Fixed integer-overflow in Imf31:bytesPerDeepLineTabl...

SUSE-SU-2021:2913-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...

OPENSUSE-SU-2021:1198-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...

SUSE-SU-2021:2793-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...

OPENSUSE-SU-2021:2793-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...

Denial Of Service (DoS)

openexr is vulnerable to denial of service. A NULL pointer dereference in Imf25::Header::operator allows an attacker to crash the application via a malicious multi-part input file...