openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An attacker can craft a malicious EXR file that, when processed, causes an integer overflow in the CompositeDeepScanLine::readPixels function. This overflow leads to an undersized buffer allocation, whic...

openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An attacker can craft a malicious EXR file that, when processed, causes an integer overflow in the CompositeDeepScanLine::readPixels function. This overflow leads to an undersized buffer allocation, whic...

SUSE CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the CompositeDeepScanLine::readPixels function. An attacker can cause memory corruption or potentially execute arbitrary code by providing a specially crafted multipart deep EXR file with large sample...

Google Chrome < 4.1.0.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.1.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

OSV-2025-865 Heap-buffer-overflow in generic_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=456158449 Crash type: Heap-buffer-overflow READ 4 Crash state: genericunpack Imf34::ScanLineInputFile::Data::readPixels Imf34::InputFile::readPixels...

OSV-2025-600 Heap-buffer-overflow in generic_unpack

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=436037111 Crash type: Heap-buffer-overflow READ 2 Crash state: genericunpack Imf34::ScanLineInputFile::Data::readPixels Imf34::InputFile::readPixels...

SUSE CVE-2014-9679

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow...

Apple CUPS cupsRasterReadPixels buffer overflow vulnerability

Apple CUPS is the United States Apple Apple company's set of open source for OS X and Unix-like system printing system. The system is based on the Internet Printing Protocol IPP, providing most PostScript and raster printer services. A buffer overflow vulnerability exists in Apple CUPS...

UBUNTU-CVE-2014-9679

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow...