27 matches found
EUVD-2022-41108
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-38529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. CVE-2022-38529 Note that Nessus relies on the presence ...
Medium: OpenEXR
Issue Overview: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability. CVE-2021-20298 A flaw foun...
SUSE CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
Debian DSA-5299-1 : openexr - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5299 advisory. Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound read...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the component rleUncompress. Remediation: Upgrade tinyexr to version 1.0.6 or higher. References: GitHub Commit, GitHub Issue, GitHub PR. Credit: 0xdd96...
CVE-2022-38529
tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress...
CVE-2022-38529
tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress...
UBUNTU-CVE-2022-38529
tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress...
CVE-2022-38529
CVE-2022-38529 corresponds to tinyexr where a heap-buffer overflow exists in rleUncompress due to commit 0647fb3. The CVSSv3.1 base score is 7.8 (HIGH) with LOCAL attack vector and user interaction required. Connected sources corroborate the same flaw across NVD, OSV, Debian/Ubuntu trackers and N...
CVE-2022-38529
tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress...
PT-2022-24437 · Tinyexr · Tinyexr
Name of the Vulnerable Software and Affected Versions: tinyexr version 0647fb3. Description: A heap-buffer overflow issue was discovered in the tinyexr component, specifically via the rleUncompress function. Recommendations: For tinyexr version 0647fb3, consider disabling the rleUncompress functio...
tinyexr Buffer Error Vulnerability
tinyexr is a small, header-only library by the Japanese individual developer Syoyo Fujita. It is used to load and save OpenEXR .exr images. tinyexr contains a security vulnerability: the component rleUncompress was found to contain a heap buffer overflow...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
Out-of-bounds
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability...