CVE-2021-3605

Published: 25/08/2021 | Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

There's a flaw in OpenEXR's rleUncompress functionality in versions before 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

Vulnerable Product

openexr openexr

redhat enterprise linux 8.0

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Debian Bug report logs - #990899 openexr: CVE-2021-3605. Package: src:openexr; Maintainer for src:openexr is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 10 Jul 2021 21:21:02 UTC; Severity: important; Tags: security, upstre ...
Multiple security vulnerabilities have been found in OpenEXR, command-line tools and a library for the OpenEXR image format. Buffer overflows or out-of-bound reads could lead to a denial of service (application crash) if a malformed image file is processed. For the stable distribution (bullseye), these problems have been fixed in version 2.5.4-2+de ...
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability (CVE-2021-20298). A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An at ...
There's a flaw in OpenEXR's rleUncompress functionality. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. ...
A heap-buffer overflow was found in the rleUncompress function of OpenEXR. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR. ...