171 matches found
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the bytesperline parameter in the ReadBMPImage function. An attacker can execute arbitrary code or cause a denial of service by supplying crafted input that triggers a 32-bit integer overflow, leading ...
CVE-2025-57803 ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the...
GHSA-MXVV-97WH-CFMM ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
Summary A 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytesperline stride to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the overflowed stride, so the first row immediately writes...
Denial Of Service (DoS)
OpenEXR is vulnerable to Denial Of Service DoS. The vulnerability is due to a NULL pointer dereference due to improper handling of deep scanline images with large sample counts in reduceMemory mode...
Heap-based Buffer Overflow
OpenEXR is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to improper memory handling due to a maliciously forged chunk header when decompressing ZIPS-packed deep scan-line EXR files...
Linux Distros Unpatched Vulnerability : CVE-2025-48071
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3...
Linux Distros Unpatched Vulnerability : CVE-2025-48072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 i...
Linux Distros Unpatched Vulnerability : CVE-2025-48073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3....
OpenEXR code issue vulnerability (CNVD-2025-24797)
OpenEXR is a high dynamic range image file format designed for the movie industry. A null pointer dereference vulnerability exists in OpenEXR version 3.3.2 when reading a deep scanline image containing a large number of sample points in reduceMemory mode, which stems from a null pointer exception...
OpenEXR Buffer Overflow Vulnerability (CNVD-2025-24799)
OpenEXR is an open standard for high dynamic range image HDR file formats. A heap buffer overflow vulnerability exists in OpenEXR versions 3.3.0 through 3.3.2 when decompressing ZIPS-compressed deep scanline EXR files, which originates from a write operation out of bounds when processing...
OpenEXR Buffer Overflow Vulnerability (CNVD-2025-24798)
OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR version 3.3.2, which stems from incorrect pointer arithmetic leading to an out-of-bounds read operation when decompressing a DWAA compressed scanline EXR file with...
SUSE CVE-2025-48071
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...
SUSE CVE-2025-48073
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...
OSV-2025-597 Heap-buffer-overflow in generic_unpack
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=435779241 Crash type: Heap-buffer-overflow READ 2 Crash state: genericunpack exrdecodingrun Imf34::ScanLineProcess::rundecode...
UBUNTU-CVE-2025-48073
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...
UBUNTU-CVE-2025-48071
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...
CVE-2025-48073
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...
CVE-2025-48072
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the ScanLineProcess::runfill function when processing deep scanline images with large sample counts in reduceMemory mode. An attacker can cause the application to crash by providing a specially crafted image...
NULL Pointer Dereference
Overview OpenEXR is a Python bindings for the OpenEXR image file format Affected versions of this package are vulnerable to NULL Pointer Dereference via the ScanLineProcess::runfill function when processing deep scanline images with large sample counts in reduceMemory mode. An attacker can cause...