171 matches found
Out-of-bounds Write
openexr is vulnerable to due Out-of-bounds Write. The vulnerability is due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanline data. This vulnerability was addressed in versions v3.2.2 and v3.1.12 of the affected library...
Medium: openexr
Issue Overview: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. CVE-2023-5841 Affected...
OESA-2024-1218 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...
OESA-2024-1217 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...
OESA-2024-1216 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...
OESA-2024-1215 OpenEXR security update
OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundati...
FreeBSD : openexr -- Heap Overflow in Scanline Deep Data Parsing (f161a5ad-c9bd-11ee-b7a7-353f1e043d9a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f161a5ad-c9bd-11ee-b7a7-353f1e043d9a advisory. - Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep...
OpenEX Buffer Overflow Vulnerability
OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from an inability to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...
CVE-2023-5841
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
AZL-62324 CVE-2023-5841 affecting package OpenEXR 2.3.0-6
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
DEBIAN-CVE-2023-5841
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
CVE-2023-5841
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
UBUNTU-CVE-2023-5841
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
CVE-2023-5841
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
CVE-2023-5841 OpenEXR Heap Overflow in Scanline Deep Data Parsing
Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. This issue was resolved as of versions v3.2...
OpenEXR 缓冲区错误漏洞
OpenEXR is an open standard for high dynamic range image HDR file formats. A buffer overflow vulnerability exists in OpenEXR 3.2.1 and prior versions that stems from an inability to validate the number of scanline samples that contain deep scanline data. An attacker could exploit this vulnerabili...
PT-2024-2330
Name of the Vulnerable Software and Affected Versions Academy Software Foundation OpenEXR image parsing library versions 3.2.1 and prior Description The issue is caused by a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, leading to a heap-bas...
UBUNTU-CVE-2023-52355
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64 API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB...
PT-2024-1617
Name of the Vulnerable Software and Affected Versions libtiff affected versions not specified Description An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64 API. This flaw allows a remote attacker to cause a denial of...
Amazon Linux 2 : OpenEXR (ALAS-2023-2241)
The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2241 advisory. There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted...