Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

OpenEXR — Vulnerabilities & Security Advisories 45

All 45 CVE vulnerabilities found in OpenEXR, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPaused
CVE-2026-40250 OpenEXR has integer overflow in DWA decoder outBufferEnd pointer arithmetic (missed variant of CVE-2026-34589) CWE-190 8.1AIHighAI2026-04-21
CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589) CWE-190 7.5AIHighAI2026-04-21
CVE-2026-39886 OpenEXR has HTJ2K Signed Integer Overflow in ht_undo_impl() CWE-190 5.3 Medium2026-04-21
CVE-2026-34589 OpenEXR: DWA Lossy Decoder Heap Out-of-Bounds Write CWE-190 9.1 -2026-04-06
CVE-2026-34588 OpenEXR has a signed 32-bit Overflow in PIZ Decoder Leads to OOB Read/Write CWE-125 6.8 -2026-04-06
CVE-2026-34380 OpenEXR has a signed integer overflow (undefined behavior) in undo_pxr24_impl may allow bounds-check bypass in PXR24 decompression CWE-190 5.9 Medium2026-04-06
CVE-2026-34379 OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression) CWE-704 7.1 High2026-04-06
CVE-2026-34378 OpenEXR has a signed integer overflow in generic_unpack() when parsing EXR files with crafted negative dataWindow.min.x CWE-190 6.5 Medium2026-04-06
CVE-2026-34543 OpenEXR: Heap information disclosure in PXR24 decompression via unchecked decompressed size (undo_pxr24_impl) CWE-908 5.5AIMediumAI2026-04-01
CVE-2026-34544 OpenEXR: integer overflow to OOB write in uncompress_b44_impl() CWE-190 8.8AIHighAI2026-04-01
CVE-2026-34545 OpenEXR: integer overflow lead to OOB in HTJ2K decoder CWE-122 9.6AICriticalAI2026-04-01
CVE-2026-27622 OpenEXR CompositeDeepScanLine integer-overflow leads to heap OOB write CWE-787 7.7AIHighAI2026-03-03
CVE-2026-26981 OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp CWE-195 6.5 Medium2026-02-24
CVE-2025-12840 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8AIHighAI2025-12-23
CVE-2025-12839 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8AIHighAI2025-12-23
CVE-2025-12495 Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8AIHighAI2025-12-23
CVE-2025-64183 OpenEXR has use after free in PyObject_StealAttrString CWE-416 9.1 -2025-11-10
CVE-2025-64182 OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel() CWE-120 7.8 -2025-11-10
CVE-2025-64181 OpenEXR Makes Use of Uninitialized Memory CWE-457 9.1 -2025-11-10
CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors CWE-770 6.5 -2025-08-01
CVE-2025-48073 OpenEXR ScanLineProcess::run_fill NULL Pointer Write In "reduceMemory" Mode CWE-476 7.5AIHighAI2025-07-31
CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap CWE-125 7.8AIHighAI2025-07-31
CVE-2025-48071 OpenEXR's Forged Unpacked Size can Lead to Heap-Based Buffer Overflow in Deep Scanline Parsing CWE-122 7.8AIHighAI2025-07-31
CVE-2023-5841 OpenEXR Heap Overflow in Scanline Deep Data Parsing CWE-122 8.8 -2024-02-01
CVE-2021-20298 ILM OpenEXR 缓冲区错误漏洞 CWE-400 7.5 -2022-08-23
CVE-2021-20304 ILM OpenEXR 输入验证错误漏洞 CWE-190 6.5 -2022-08-23
CVE-2021-3941 ILM OpenEXR 数字错误漏洞 CWE-369 6.2 -2022-03-25
CVE-2021-3933 ILM OpenEXR 输入验证错误漏洞 CWE-190 5.5 -2022-03-25
CVE-2021-20299 ILM OpenEXR 代码问题漏洞 CWE-476 7.5 -2022-03-16
CVE-2021-20300 ILM OpenEXR 输入验证错误漏洞 CWE-190 5.5 -2022-03-04

All 45 known CVE vulnerabilities affecting OpenEXR with full Chinese analysis, references, and POCs where available.