Vulnerabilities > Openexr

DATE CVE VULNERABILITY TITLE RISK
2021-08-25 CVE-2021-3605 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5.
local
low complexity
openexr redhat debian CWE-119
5.5
5.5
2021-07-06 CVE-2021-3598 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5.
local
low complexity
openexr redhat debian CWE-119
5.5
5.5
2021-06-08 CVE-2021-23169 Out-of-bounds Write vulnerability in multiple products
A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1.
network
low complexity
openexr fedoraproject CWE-787
8.8
8.8
2021-06-08 CVE-2021-23215 Resource Exhaustion vulnerability in multiple products
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1.
local
low complexity
openexr fedoraproject debian CWE-400
5.5
5.5
2021-06-08 CVE-2021-26260 Resource Exhaustion vulnerability in multiple products
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1.
local
low complexity
openexr fedoraproject debian CWE-400
5.5
5.5
2021-06-08 CVE-2021-26945 Integer Overflow or Wraparound vulnerability in Openexr
An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1.
local
low complexity
openexr CWE-190
5.5
5.5
2021-04-01 CVE-2021-20296 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-476
5.3
5.3
2021-03-31 CVE-2021-3479 Resource Exhaustion vulnerability in multiple products
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-400
5.5
5.5
2021-03-31 CVE-2021-3478 Resource Exhaustion vulnerability in multiple products
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-400
5.5
5.5
2021-03-31 CVE-2021-3477 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-190
5.5
5.5