Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr openexr vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-45942
OpenEXR 3.1.x prior to 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
Openexr Openexr
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-3605
There's a flaw in OpenEXR's rleUncompress functionality in versions before 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.
Openexr Openexr
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2020-19490
tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
Tinyexr Project Tinyexr 0.9.5
4.3
CVSSv2
CVE-2021-26260
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.
Openexr Openexr
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-23215
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
Openexr Openexr
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-26945
An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
Openexr Openexr
4.3
CVSSv2
CVE-2021-3477
There's a flaw in OpenEXR's deep tile sample size calculations in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest ris...
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-3478
There's a flaw in OpenEXR's scanline input file functionality in versions prior to 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2021-3479
There's a flaw in OpenEXR's Scanline API functionality in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2020-16587
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
Openexr Openexr 2.3.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »