Lucene search
K

6 matches found

OSV
OSV
added 2026/03/03 11:15 p.m.5 views

UBUNTU-CVE-2026-27622

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across many parts,...

8.4CVSS5.8AI score0.00201EPSS
Exploits2References4
OSV
OSV
added 2026/03/02 6:30 p.m.4 views

GHSA-CR4V-6JM6-4963 OpenEXR's CompositeDeepScanLine integer-overflow leads to heap OOB write

Summary Function: CompositeDeepScanLine::readPixels, reachable from high-level multipart deep read flows MultiPartInputFile + DeepScanLineInputPart + CompositeDeepScanLine. Vulnerable lines src/lib/OpenEXR/ImfCompositeDeepScanLine.cpp: - totalsizesptr += countsjptr; line 511 - overallsamplecount ...

8.4CVSS6.2AI score0.00201EPSS
Exploits2References3
Veracode
Veracode
added 2025/08/18 9:8 a.m.4 views

Denial Of Service (DoS)

OpenEXR is vulnerable to Denial Of Service DoS. The vulnerability is due to a NULL pointer dereference due to improper handling of deep scanline images with large sample counts in reduceMemory mode...

6.2CVSS7AI score0.00198EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2024/11/04 12:22 p.m.10 views

OpenEXR: Heap Overflow in Scanline Deep Data Parsing

A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...

9.1CVSS5.8AI score0.01258EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/11/04 12:9 p.m.4 views

OpenEXR: Heap Overflow in Scanline Deep Data Parsing

A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...

9.1CVSS5.8AI score0.01258EPSS
Exploits1References5
OSV
OSV
added 2024/03/01 11:7 a.m.2 views

OESA-2024-1218 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
Rows per page
Query Builder