Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-16589
A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
Openexr Openexr 2.3.0
Debian Debian Linux 10.0
605
VMScore
CVE-2021-23169
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions prior to 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.
Openexr Openexr
Fedoraproject Fedora 33
Fedoraproject Fedora 34
445
VMScore
CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2021-3477
There's a flaw in OpenEXR's deep tile sample size calculations in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest ris...
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2021-3478
There's a flaw in OpenEXR's scanline input file functionality in versions prior to 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2021-3474
There's a flaw in OpenEXR in versions prior to 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2021-3475
There is a flaw in OpenEXR in versions prior to 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2021-3479
There's a flaw in OpenEXR's Scanline API functionality in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
445
VMScore
CVE-2021-20296
A flaw was found in OpenEXR in versions prior to 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability...
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2020-16587
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
Openexr Openexr 2.3.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »