Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr openexr vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-14988
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote malicious users to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple ...
Openexr Openexr 2.2.0
NA
CVE-2009-1722
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Openexr Openexr 1.2.2
6.5
CVSSv3
CVE-2017-9112
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
Openexr Openexr 2.2.0
6.5
CVSSv3
CVE-2017-9116
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash.
Openexr Openexr 2.2.0
7.5
CVSSv3
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-20300
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
6.1
CVSSv3
CVE-2021-20303
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to applicatio...
Openexr Openexr
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-20298
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-20302
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2020-16588
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
Openexr Openexr 2.3.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »