6 matches found
UBUNTU-CVE-2026-27622
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...
GHSA-CR4V-6JM6-4963 OpenEXR's CompositeDeepScanLine integer-overflow leads to heap OOB write
Summary Function: CompositeDeepScanLine::readPixels, reachable from high-level multipart deep read flows MultiPartInputFile + DeepScanLineInputPart + CompositeDeepScanLine. Vulnerable lines src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp: - totalsizesptr += countsjptr; line 511 - overallsamplecount ...
Denial Of Service (DoS)
OpenEXR is vulnerable to Denial Of Service DoS. The vulnerability is due to a NULL pointer dereference due to improper handling of deep scanline images with large sample counts in reduceMemory mode...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
OESA-2024-1218 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...