Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-45942
OpenEXR 3.1.x prior to 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
Openexr Openexr
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2021-3941
In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigg...
Openexr Openexr 3.1.2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.5
CVSSv3
CVE-2020-15305
An issue exists in OpenEXR prior to 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Openexr Openexr
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-15306
An issue exists in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
Openexr Openexr
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2020-11758
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
5.5
CVSSv3
CVE-2020-11759
An issue exists in OpenEXR prior to 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
5.5
CVSSv3
CVE-2020-11760
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
5.5
CVSSv3
CVE-2020-11761
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
5.5
CVSSv3
CVE-2020-11762
An issue exists in OpenEXR prior to 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
5.5
CVSSv3
CVE-2020-11763
An issue exists in OpenEXR prior to 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
Openexr Openexr
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Tvos
Apple Iphone Os
Apple Icloud
Apple Itunes
Apple Watchos
Apple Ipados
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.13.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »