Lucene search
+L

9 matches found

Ubuntu
Ubuntu
added 2026/05/07 3:37 p.m.20 views

USN-8259-1: OpenEXR vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

8.8CVSS6.2AI score0.00482EPSS
Exploits4
OSV
OSV
added 2026/05/07 3:37 p.m.10 views

USN-8259-1 openexr vulnerabilities

Quang Luong discovered that OpenEXR incorrectly handled sample count accumulation when processing deep scan line image files. An attacker could possibly use this issue to cause OpenEXR to crash, resulting in a denial of service, or execute arbitrary code. CVE-2026-27622 It was discovered that...

8.8CVSS6.2AI score0.00482EPSS
Exploits4References4
OSV
OSV
added 2026/04/23 1:26 p.m.8 views

CLSA-2026-1776950756 openexr: Fix of CVE-2026-34588

CVE-2026-34588 fix signed 32-bit integer overflow in PIZ decoder wavelet buffer arithmetic leading to out-of-bounds read/write...

8.8CVSS6AI score0.00482EPSS
Exploits1References1
OSV
OSV
added 2026/04/08 3:9 p.m.2 views

GHSA-588R-CR5C-W6HF OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

Summary internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic: c wavbuf += nx ny wcount; Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path...

8.6CVSS5.9AI score0.00482EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/04/08 3:9 p.m.8 views

OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

Summary internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic: c wavbuf += nx ny wcount; Because nx, ny, and wcount are int, a crafted EXR file can make this product overflow and wrap. The next channel then decodes from an incorrect address. The wavelet decode path...

8.8CVSS5.9AI score0.00482EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 3:31 p.m.4 views

CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

8.6CVSS5.9AI score0.00482EPSS
Exploits1References4
CVE
CVE
added 2026/04/06 3:31 p.m.42 views

CVE-2026-34588

OpenEXR contains a local overflow in internal_exr_undo_piz() where nx, ny, and wcount are int, allowing an overflow and wrap that causes out-of-bounds reads/writes during wavelet decoding. This affects 3.1.0–3.2.6, 3.3.0–3.3.8, and 3.4.0–3.4.8 (per CVE-2026-34588) and is fixed in 3.2.7, 3.3.9, an...

8.8CVSS5.9AI score0.00482EPSS
Exploits1References20Affected Software1
Cvelist
Cvelist
added 2026/04/06 3:31 p.m.38 views

CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

8.6CVSS0.00482EPSS
Exploits1References4
OSV
OSV
added 2026/04/06 3:31 p.m.3 views

CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internalexrundopiz advances the working wavelet pointer with signed 32-bit arithmetic. Because nx, ny, and...

8.6CVSS7.1AI score0.00482EPSS
Exploits1References22
Rows per page
Query Builder