Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23169 | 2 Fedoraproject, Openexr | 2 Fedora, Openexr | 2021-12-01 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR. | |||||
| CVE-2017-12596 | 1 Openexr | 1 Openexr | 2020-08-30 | 6.8 MEDIUM | 7.8 HIGH |
| In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact. | |||||
| CVE-2017-9111 | 1 Openexr | 1 Openexr | 2020-08-30 | 6.8 MEDIUM | 8.8 HIGH |
| In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code. | |||||
| CVE-2017-9113 | 1 Openexr | 1 Openexr | 2020-08-30 | 4.3 MEDIUM | 8.8 HIGH |
| In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code. | |||||
| CVE-2017-9115 | 1 Openexr | 1 Openexr | 2020-08-30 | 6.8 MEDIUM | 8.8 HIGH |
| In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code. | |||||