Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-45942
OpenEXR 3.1.x prior to 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
Openexr Openexr
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2.1
CVSSv2
CVE-2021-3941
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigg...
Openexr Openexr 3.1.2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2.1
CVSSv2
CVE-2020-15305
An issue exists in OpenEXR prior to 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Openexr Openexr
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2020-15306
An issue exists in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
Openexr Openexr
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2020-11758
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
4.3
CVSSv2
CVE-2020-11759
An issue exists in OpenEXR prior to 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
4.3
CVSSv2
CVE-2020-11760
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
4.3
CVSSv2
CVE-2020-11761
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
4.3
CVSSv2
CVE-2020-11762
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
4.3
CVSSv2
CVE-2020-11763
An issue exists in OpenEXR prior to 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »