Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-42450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 2:17 p.m.10 views

CVE-2026-42450

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.33 views

CVE-2026-42450 OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 1:20 p.m.44 views

CVE-2026-42450

Summary: OpenColorIO vulnerability CVE-2026-42450 arises from a stack buffer overflow in the SPI3D LUT parser. The issue is in FileFormatSpi3D.cpp:163, where an unbounded sscanf using “%s” writes into 64-byte stack buffers, with input from lineBuffer[4096], allowing a crafted .spi3d file to overf...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:20 p.m.4 views

CVE-2026-42450

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 1:20 p.m.10 views

EUVD-2026-38769

OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...

8.4CVSS5.9AI score0.0012EPSS
Exploits0References2
Rows per page
Query Builder