Openexr
by Openexr
Source repositories
CVEs (69)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11760 | 0.00 | — | 0.02 | Apr 14, 2020 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. | |||
| CVE-2020-11761 | 0.00 | — | 0.02 | Apr 14, 2020 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. | |||
| CVE-2020-11762 | 0.00 | — | 0.02 | Apr 14, 2020 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. | |||
| CVE-2020-11763 | 0.00 | — | 0.02 | Apr 14, 2020 | An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | |||
| CVE-2020-11764 | 0.00 | — | 0.02 | Apr 14, 2020 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | |||
| CVE-2018-18444 | 0.00 | — | 0.03 | Oct 17, 2018 | makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact. | |||
| CVE-2018-18443 | 0.00 | — | 0.02 | Oct 17, 2018 | OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview. | |||
| CVE-2009-1722 | 0.00 | — | 0.05 | Jul 31, 2009 | Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | |||
| CVE-2009-1721 | 0.00 | — | 0.04 | Jul 31, 2009 | The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer. |
- CVE-2020-11760Apr 14, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
- CVE-2020-11761Apr 14, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
- CVE-2020-11762Apr 14, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
- CVE-2020-11763Apr 14, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
- CVE-2020-11764Apr 14, 2020risk 0.00cvss —epss 0.02
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
- CVE-2018-18444Oct 17, 2018risk 0.00cvss —epss 0.03
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
- CVE-2018-18443Oct 17, 2018risk 0.00cvss —epss 0.02
OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.
- CVE-2009-1722Jul 31, 2009risk 0.00cvss —epss 0.05
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
- CVE-2009-1721Jul 31, 2009risk 0.00cvss —epss 0.04
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
Page 4 of 4