Vulnerabilities > Openexr

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-3476 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
2021-03-30 CVE-2021-3475 Integer Overflow or Wraparound vulnerability in multiple products
There is a flaw in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
2021-03-30 CVE-2021-3474 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
2020-12-09 CVE-2020-16589 Out-of-bounds Write vulnerability in multiple products
A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
local
low complexity
openexr debian CWE-787
5.5
2020-12-09 CVE-2020-16588 NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
local
low complexity
openexr debian CWE-476
5.5
2020-12-09 CVE-2020-16587 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
local
low complexity
openexr debian CWE-787
5.5
2020-06-26 CVE-2020-15306 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in OpenEXR before v2.5.2.
5.5
2020-06-26 CVE-2020-15305 Use After Free vulnerability in multiple products
An issue was discovered in OpenEXR before 2.5.2.
5.5
2020-06-26 CVE-2020-15304 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in OpenEXR before 2.5.2.
local
low complexity
openexr fedoraproject opensuse CWE-476
5.5
2020-04-14 CVE-2020-11765 Off-by-one Error vulnerability in multiple products
An issue was discovered in OpenEXR before 2.4.1.
5.5