Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-9113
In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.
Openexr Openexr 2.2.0
8.8
CVSSv3
CVE-2017-9115
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
Openexr Openexr 2.2.0
7.8
CVSSv3
CVE-2017-12596
In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact.
Openexr Openexr 2.2.0
NA
CVE-2009-1722
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Openexr Openexr 1.2.2
7.5
CVSSv3
CVE-2021-20298
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
Openexr Openexr
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-20300
A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2021-20302
A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availabili...
Openexr Openexr
Debian Debian Linux 10.0
6.1
CVSSv3
CVE-2021-20303
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to applicatio...
Openexr Openexr
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2020-16588
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
Openexr Openexr 2.3.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »