Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr openexr vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-12092
tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
Tinyexr Project Tinyexr 0.9.5
7.5
CVSSv2
CVE-2017-9117
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff.
Libtiff Libtiff 4.0.7
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
7.5
CVSSv2
CVE-2009-1720
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage...
Openexr Openexr 1.2.2
Openexr Openexr 1.6.1
7.1
CVSSv2
CVE-2021-20300
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
7.1
CVSSv2
CVE-2021-20302
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2021-23169
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.
Openexr Openexr
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.8
CVSSv2
CVE-2018-18444
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
Ilm Openexr 2.3.0
6.8
CVSSv2
CVE-2017-12596
In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact.
Openexr Openexr 2.2.0
6.8
CVSSv2
CVE-2017-9111
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
Openexr Openexr 2.2.0
6.8
CVSSv2
CVE-2017-9115
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
Openexr Openexr 2.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »