Lucene search
+L

171 matches found

Veracode
Veracode
added 2024/03/17 3:29 p.m.22 views

Out-of-bounds Write

openexr is vulnerable to due Out-of-bounds Write. The vulnerability is due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data. This vulnerability was addressed in versions v3.2.2 and v3.1.12 of the affected library...

9.1CVSS6.8AI score0.01258EPSS
Exploits1References5Affected Software1
Amazon
Amazon
added 2024/03/05 12:0 a.m.5 views

Medium: openexr

Issue Overview: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. CVE-2023-5841 Affected...

9.1CVSS7.3AI score0.01258EPSS
Exploits1
OSV
OSV
added 2024/03/01 11:7 a.m.3 views

OESA-2024-1218 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
OSV
OSV
added 2024/03/01 11:7 a.m.4 views

OESA-2024-1217 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
OSV
OSV
added 2024/03/01 11:7 a.m.3 views

OESA-2024-1216 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
OSV
OSV
added 2024/03/01 11:7 a.m.2 views

OESA-2024-1215 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...

9.1CVSS7.3AI score0.01258EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/12 12:0 a.m.25 views

FreeBSD : openexr -- Heap Overflow in Scanline Deep Data Parsing (f161a5ad-c9bd-11ee-b7a7-353f1e043d9a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f161a5ad-c9bd-11ee-b7a7-353f1e043d9a advisory. - Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep...

9.1CVSS8.5AI score0.01258EPSS
Exploits1References4
CNVD
CNVD
added 2024/02/04 12:0 a.m.12 views

OpenEX Buffer Overflow Vulnerability

OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from an inability to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...

9.1CVSS6.8AI score0.01258EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2024/02/02 2:11 p.m.41 views

CVE-2023-5841

A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...

9.1CVSS8.7AI score0.01258EPSS
Exploits1References4
OSV
OSV
added 2024/02/01 7:15 p.m.5 views

AZL-62324 CVE-2023-5841 affecting package OpenEXR 2.3.0-6

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS7.6AI score0.01258EPSS
Exploits1References1
OSV
OSV
added 2024/02/01 7:15 p.m.3 views

DEBIAN-CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS8.6AI score0.01258EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2024/02/01 7:15 p.m.22 views

CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS7.4AI score0.01258EPSS
Exploits1References5
OSV
OSV
added 2024/02/01 7:15 p.m.4 views

UBUNTU-CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS6AI score0.01258EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2024/02/01 6:28 p.m.37 views

CVE-2023-5841

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.1CVSS9.4AI score0.01258EPSS
Exploits1
Cvelist
Cvelist
added 2024/02/01 6:28 p.m.23 views

CVE-2023-5841 OpenEXR Heap Overflow in Scanline Deep Data Parsing

Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...

9.5AI score0.01258EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.6 views

OpenEXR 缓冲区错误漏洞

OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from an inability to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...

9.1CVSS7.2AI score0.01258EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/02/01 12:0 a.m.3 views

PT-2024-2330

Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR image parsing library versions 3.2.1 and prior Description The issue is caused by a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, leading to a heap-bas...

9.4CVSS8.3AI score0.01258EPSS
Exploits1References54
OSV
OSV
added 2024/01/25 8:15 p.m.5 views

UBUNTU-CVE-2023-52355

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64 API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB...

7.5CVSS6.7AI score0.01725EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/11/03 12:0 a.m.2 views

PT-2024-1617

Name of the Vulnerable Software and Affected Versions libtiff affected versions not specified Description An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64 API. This flaw allows a remote attacker to cause a denial of...

8.8CVSS7.6AI score0.02187EPSS
Exploits31References151
Tenable Nessus
Tenable Nessus
added 2023/09/08 12:0 a.m.31 views

Amazon Linux 2 : OpenEXR (ALAS-2023-2241)

The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2241 advisory. There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted...

5.5CVSS6.9AI score0.01EPSS
Exploits0References4
Rows per page
Query Builder