Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr openexr vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-20303
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to applicatio...
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-45942
OpenEXR 3.1.x prior to 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
Openexr Openexr
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions before 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Openexr Openexr
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2020-19490
tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
Tinyexr Project Tinyexr 0.9.5
5.5
CVSSv3
CVE-2021-3598
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions before 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application avai...
Openexr Openexr
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8.8
CVSSv3
CVE-2021-23169
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.
Openexr Openexr
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5.5
CVSSv3
CVE-2021-23215
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
Openexr Openexr
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2021-26945
An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
Openexr Openexr
5.5
CVSSv3
CVE-2021-26260
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.
Openexr Openexr
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.3
CVSSv3
CVE-2021-20296
A flaw was found in OpenEXR in versions prior to 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability...
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »