Lucene search
K

70 matches found

Cvelist
Cvelist
added 2023/08/02 7:52 p.m.52 views

CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...

6.5AI score0.00805EPSS
Exploits0References7
OSV
OSV
added 2023/08/02 7:52 p.m.25 views

CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...

6.5CVSS6.7AI score0.00805EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2023/08/02 7:52 p.m.22 views

CVE-2023-29407 Excessive CPU consumption when decoding 0-height images in golang.org/x/image/tiff

A maliciously-crafted image can cause excessive CPU consumption in decoding. A tiled image with a height of 0 and a very large width can cause excessive CPU consumption, despite the image size width height appearing to be zero...

6.6AI score0.00805EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/02 12:0 a.m.7 views

PT-2023-6960 · Golang +2 · Golang +2

Name of the Vulnerable Software and Affected Versions: Golang affected versions not specified Description: The issue is related to excessive CPU consumption during decoding. A maliciously-crafted image, specifically a tiled image with a height of 0 and a very large width, can cause this excessive...

7.8CVSS5.8AI score0.0086EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2023/06/09 12:0 a.m.8 views

PT-2023-19363 · WordPress · The Photo Gallery Slideshow & Masonry Tiled Gallery

Name of the Vulnerable Software and Affected Versions: The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress versions up to, and including, 1.0.13 Description: The issue arises from insufficient input sanitization and output escaping, making it possible for unauthenticated...

6.1CVSS6.7AI score0.00433EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:55 a.m.3 views

SUSE CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

9.8CVSS7.2AI score0.03631EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.5 views

SUSE CVE-2020-15304

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

5.3CVSS7AI score0.00399EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.2 views

SUSE CVE-2021-20303

A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, wit...

6.1CVSS6.8AI score0.00809EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2021/04/13 12:0 a.m.6 views

Vulnerability of the DeepTiledInputFile::initialize() function (src/lib/OpenEXR/ImfDeepTiledInputFile.cpp) in the OpenEXR library, which allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the DeepTiledInputFile::initialize function located in src/lib/OpenEXR/ImfDeepTiledInputFile.cpp in the OpenEXR library is related to integer overflow when processing input files. Exploiting this vulnerability can allow an attacker to cause a service failure or execute...

5.5CVSS7.2AI score0.0096EPSS
Exploits0References15Affected Software8
OSV
OSV
added 2021/03/05 11:2 a.m.4 views

OESA-2021-1060 OpenEXR security update

OpenEXR is a high dynamic-range HDR image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.CVE-2017-9114 ...

8.8CVSS7.7AI score0.0331EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2020/09/23 12:0 a.m.3 views

PT-2020-6855 · Openexr +3 · Openexr +3

Name of the Vulnerable Software and Affected Versions: OpenEXR affected versions not specified Description: A flaw was found in OpenEXR's TiledInputFile functionality, allowing an attacker to trigger a floating-point exception error by submitting a crafted single-part non-image. This flaw is...

7.5CVSS5.8AI score0.01848EPSS
Exploits6References115
Veracode
Veracode
added 2020/09/16 8:28 a.m.33 views

Denial Of Service (DoS)

OpenEXR is vulnerable to denial of service. A NULL pointer dereference in the function TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp allows an attacker to cause a denial of service condition via an invalid tiled input file...

5.5CVSS3.8AI score0.00399EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2020/06/26 1:15 a.m.7 views

AZL-45090 CVE-2020-15304 affecting package OpenEXR 2.3.0-6

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

5.5CVSS6.7AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2020/06/26 1:15 a.m.2 views

DEBIAN-CVE-2020-15304

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

5.5CVSS6.7AI score0.00399EPSS
Exploits0References1
Prion
Prion
added 2020/06/26 1:15 a.m.27 views

Null pointer dereference

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

2.1CVSS5.3AI score0.00399EPSS
Exploits0References9Affected Software3
UbuntuCve
UbuntuCve
added 2020/06/26 1:15 a.m.36 views

CVE-2020-15304

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

5.5CVSS6.8AI score0.00399EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2020/06/26 12:38 a.m.40 views

CVE-2020-15304

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference...

5.5CVSS5.3AI score0.00399EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2020/06/26 12:0 a.m.4 views

PT-2020-14344 · Ilm +2 · Openexr +2

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.5.2 Description: An issue was discovered where an invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer...

8.8CVSS6.5AI score0.02615EPSS
Exploits13References80
Veracode
Veracode
added 2019/05/02 6:9 a.m.22 views

Out-of-bounds Write

libtiff is vulnerable to out-of-bounds write. Tiled images with odd tile width versus image width, make the function cpStripToTile of the file tools/tiffcp.c vulnerable to out-of-bounds writes resulting in denial of service...

9.8CVSS9AI score0.03631EPSS
Exploits0References7Affected Software2
RedHat Linux
RedHat Linux
added 2017/02/01 10:3 a.m.5 views

libtiff: cpStripToTile heap-buffer-overflow

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

9.8CVSS7.4AI score0.03631EPSS
Exploits0References4
Rows per page
Query Builder