Lucene search
+L

7 matches found

Snyk
Snyk
added 2026/06/18 9:14 p.m.7 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the htundoimpl function when decoding a specially crafted HTJ2K-compressed EXR file. An attacker can cause a heap out-of-bounds write by supplying a file with a large decode-channelsi.width value that...

7.1CVSS5.9AI score0.00199EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/21 3:10 a.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the DwaCompressoruncompress function due to improper integer arithmetic in pointer calculations. An attacker can cause memory corruption or potentially execute arbitrary code by supplying crafted EXR...

8.4CVSS6.2AI score0.0045EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/08 3:9 p.m.2 views

Out-of-bounds Write

Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to Out-of-bounds Write. through the internalexrundopiz process. An attacker can cause out-of-bounds memory access, leading to potential memory corruption or process crash, by...

8.8CVSS6AI score0.00482EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/06 4:9 p.m.11 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the genericunpack function when parsing EXR files containing a crafted negative value for dataWindow.min.x. An attacker can cause the process to terminate unexpectedly by supplying a specially crafted E...

7.1CVSS5.8AI score0.00262EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/06 4:9 p.m.4 views

Incorrect Type Conversion or Cast

Overview Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast in the LossyDctDecoderexecute process when decoding DWA or DWAB-compressed files containing FLOAT-type channels. An attacker can cause undefined behavior, potentially leading to application crashes or...

7.1CVSS5.8AI score0.00283EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/06 4:9 p.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the undopxr24impl function. An attacker can cause memory corruption and potentially execute arbitrary code by providing a specially crafted EXR file that triggers a signed integer overflow, leading to a...

6CVSS6.1AI score0.00255EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/24 6:19 a.m.4 views

Signed to Unsigned Conversion Error

Overview Affected versions of this package are vulnerable to Signed to Unsigned Conversion Error via the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. An attacker can cause a heap buffer overflow by supplying a specially...

7.1CVSS5.9AI score0.00523EPSS
Exploits1References2
Rows per page
Query Builder