VYPR

apk package

chainguard/openexr-libopenexrutil

pkg:apk/chainguard/openexr-libopenexrutil

Vulnerabilities (7)

  • CVE-2026-42217CriMay 7, 2026
    affected < 3.4.10-r0fixed 3.4.10-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger() decodes a variable

  • CVE-2026-42216CriMay 7, 2026
    affected < 3.4.10-r0fixed 3.4.10-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init() reconstructs strings from a

  • CVE-2026-41142HigMay 7, 2026
    affected < 3.4.10-r0fixed 3.4.10-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in ImageChannel::

  • CVE-2026-34545HigApr 1, 2026
    affected < 3.4.9-r0fixed 3.4.9-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 327

  • CVE-2026-34544HigApr 1, 2026
    affected < 3.4.9-r0fixed 3.4.9-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that dec

  • CVE-2026-34543HigApr 1, 2026
    affected < 3.4.9-r0fixed 3.4.9-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data (inform

  • CVE-2026-26981Feb 24, 2026
    affected < 3.4.5-r0fixed 3.4.5-r0

    OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow (OOB read) occurs in the `istream_nonparallel_read` fun