11 matches found
Astra Linux - уязвимость в openexr
In the ImfChromaticities.cpp routine, within the RGBtoXYZ function, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d;. However, the divisor is not checked for a 0 value. A specially crafted file could trigger...
JLSEC-2026-131
In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...
EUVD-2021-27154
Malware in sbrugna...
Debian DSA-5299-1 : openexr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5299 advisory. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound read...
DEBIAN-CVE-2021-3941
In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...
Design/Logic Flaw
In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...
CVE-2021-3941
OpenEXR vulnerability CVE-2021-3941 involves a divide-by-zero in ImfChromaticities.cpp RGBtoXYZ() when computing Z and related values, risking availability of programs linked with OpenEXR. Connected advisories (Astra Linux, Debian/Ubuntu disclosures, and global advisories) confirm OpenEXR as affe...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1179)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS : OpenEXR vulnerability (USN-5150-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5150-1 advisory. It was discovered that OpenEXR incorrectly handled certain EXR image files. An attacker could possibly use this issue to cause a crash. Tenable has...
UBUNTU-CVE-2021-3941
In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...
CVE-2021-3941
In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...