Openexr

Openexr

60 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-3477

  • EPSS 0.51%
  • Veröffentlicht 31.03.2021 14:15:21
  • Zuletzt bearbeitet 21.11.2024 06:21:38

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read...

5.3

CVE-2021-3476

  • EPSS 1.01%
  • Veröffentlicht 30.03.2021 18:15:18
  • Zuletzt bearbeitet 21.11.2024 06:21:38

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.

5.3

CVE-2021-3475

  • EPSS 0.65%
  • Veröffentlicht 30.03.2021 18:15:18
  • Zuletzt bearbeitet 21.11.2024 06:21:37

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

5.3

CVE-2021-3474

  • EPSS 1.01%
  • Veröffentlicht 30.03.2021 18:15:17
  • Zuletzt bearbeitet 21.11.2024 06:21:37

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.

5.5

CVE-2020-16589

Exploit
  • EPSS 0.55%
  • Veröffentlicht 09.12.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:07:10

A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5

CVE-2020-16588

Exploit
  • EPSS 0.29%
  • Veröffentlicht 09.12.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:07:10

A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.

5.5

CVE-2020-16587

Exploit
  • EPSS 0.55%
  • Veröffentlicht 09.12.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:07:09

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5

CVE-2020-15306

  • EPSS 0.13%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

5.5

CVE-2020-15305

  • EPSS 0.11%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

5.5

CVE-2020-15304

  • EPSS 0.12%
  • Veröffentlicht 26.06.2020 01:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:17

An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.