VYPR

Openexr

by Openexr

pypi: openexr

Source repositories

CVEs (69)

  • CVE-2020-11760Apr 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.

  • CVE-2020-11761Apr 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.

  • CVE-2020-11762Apr 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.

  • CVE-2020-11763Apr 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.

  • CVE-2020-11764Apr 14, 2020
    risk 0.00cvss epss 0.02

    An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.

  • CVE-2018-18444Oct 17, 2018
    risk 0.00cvss epss 0.03

    makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.

  • CVE-2018-18443Oct 17, 2018
    risk 0.00cvss epss 0.02

    OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.

  • CVE-2009-1722Jul 31, 2009
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

  • CVE-2009-1721Jul 31, 2009
    risk 0.00cvss epss 0.04

    The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.

Page 4 of 4