Vulnerabilities > Openexr > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-26945 Integer Overflow or Wraparound vulnerability in Openexr
An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1.
local
low complexity
openexr CWE-190
5.5
5.5
2021-04-01 CVE-2021-20296 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-476
5.3
5.3
2021-03-31 CVE-2021-3479 Resource Exhaustion vulnerability in multiple products
There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-400
5.5
5.5
2021-03-31 CVE-2021-3478 Resource Exhaustion vulnerability in multiple products
There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-400
5.5
5.5
2021-03-31 CVE-2021-3477 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta.
local
low complexity
openexr debian CWE-190
5.5
5.5
2021-03-30 CVE-2021-3476 Integer Overflow or Wraparound vulnerability in multiple products
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
5.3
2021-03-30 CVE-2021-3475 Integer Overflow or Wraparound vulnerability in multiple products
There is a flaw in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
5.3
2021-03-30 CVE-2021-3474 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in OpenEXR in versions before 3.0.0-beta.
network
low complexity
openexr debian CWE-190
5.3
5.3
2020-12-09 CVE-2020-16589 Out-of-bounds Write vulnerability in multiple products
A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
local
low complexity
openexr debian CWE-787
5.5
5.5
2020-12-09 CVE-2020-16588 NULL Pointer Dereference vulnerability in multiple products
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
local
low complexity
openexr debian CWE-476
5.5
5.5