Vulnerabilities > Openexr
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-01 | CVE-2023-5841 | Out-of-bounds Write vulnerability in Openexr Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing library version 3.2.1 and prior is susceptible to a heap-based buffer overflow vulnerability. | 9.1 |
2022-08-23 | CVE-2021-20298 | Out-of-bounds Write vulnerability in multiple products A flaw was found in OpenEXR's B44Compressor. | 7.5 |
2022-08-23 | CVE-2021-20304 | Integer Overflow or Wraparound vulnerability in Openexr A flaw was found in OpenEXR's hufDecode functionality. | 7.5 |
2022-03-25 | CVE-2021-3933 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. | 5.5 |
2022-03-25 | CVE-2021-3941 | Divide By Zero vulnerability in multiple products In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. | 6.5 |
2022-03-16 | CVE-2021-20299 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in OpenEXR's Multipart input file functionality. | 7.5 |
2022-03-04 | CVE-2021-20300 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. | 5.5 |
2022-03-04 | CVE-2021-20302 | A flaw was found in OpenEXR's TiledInputFile functionality. | 5.5 |
2022-03-04 | CVE-2021-20303 | Integer Overflow or Wraparound vulnerability in multiple products A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. | 6.1 |
2022-01-01 | CVE-2021-45942 | Out-of-bounds Write vulnerability in multiple products OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). | 5.5 |