| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|
| CVE-2021-45942 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | vulnerable | OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1 ... |
| CVE-2021-26260 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An integer overflow leading to a heap-buffer overflow was found in the ... |
| CVE-2021-23215 | fixed | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | An integer overflow leading to a heap-buffer overflow was found in the ... |
| CVE-2021-20303 | fixed | vulnerable | fixed | fixed | fixed | A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cp ... |
| CVE-2021-20302 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | A flaw was found in OpenEXR's TiledInputFile functionality. This flaw ... |
| CVE-2021-20300 | fixed | vulnerable | fixed | fixed | fixed | A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/I ... |
| CVE-2021-20299 | fixed | vulnerable | fixed | fixed | fixed | A flaw was found in OpenEXR's Multipart input file functionality. A cr ... |
| CVE-2021-20298 | vulnerable (no DSA, postponed) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Out-of-memory in B44Compressor |
| CVE-2021-20296 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted i ... |
| CVE-2021-3941 | vulnerable (no DSA) | vulnerable | vulnerable | vulnerable | vulnerable | In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division o ... |
| CVE-2021-3933 | fixed | vulnerable | vulnerable | vulnerable | vulnerable | An integer overflow could occur when OpenEXR processes a crafted file ... |
| CVE-2021-3605 | fixed | vulnerable (no DSA) | vulnerable | fixed | fixed | There's a flaw in OpenEXR's rleUncompress functionality in versions pr ... |
| CVE-2021-3598 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in ... |
| CVE-2021-3479 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in OpenEXR's Scanline API functionality in versions bef ... |
| CVE-2021-3478 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in OpenEXR's scanline input file functionality in versi ... |
| CVE-2021-3477 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in OpenEXR's deep tile sample size calculations in vers ... |
| CVE-2021-3476 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in OpenEXR's B44 uncompression functionality in versi ... |
| CVE-2021-3475 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker ... |
| CVE-2021-3474 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted inp ... |
| CVE-2020-16589 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A head-based buffer overflow exists in Academy Software Foundation Ope ... |
| CVE-2020-16588 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A Null Pointer Deference issue exists in Academy Software Foundation O ... |
| CVE-2020-16587 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A heap-based buffer overflow vulnerability exists in Academy Software ... |
| Bug | Description |
|---|
| CVE-2021-23169 | A heap-buffer overflow was found in the copyIntoFrameBuffer function o ... |
| CVE-2020-15306 | An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ... |
| CVE-2020-15305 | An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ... |
| CVE-2020-15304 | An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ... |
| CVE-2020-11765 | An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ... |
| CVE-2020-11764 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11763 | An issue was discovered in OpenEXR before 2.4.1. There is an std::vect ... |
| CVE-2020-11762 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11761 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11760 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11759 | An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ... |
| CVE-2020-11758 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2018-18444 | makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bound ... |
| CVE-2017-12596 | In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ... |
| CVE-2017-9116 | In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ... |
| CVE-2017-9115 | In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ... |
| CVE-2017-9114 | In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ... |
| CVE-2017-9113 | In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ... |
| CVE-2017-9112 | In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ... |
| CVE-2017-9111 | In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ... |
| CVE-2017-9110 | In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ... |
| CVE-2009-1722 | Heap-based buffer overflow in the compression implementation in OpenEX ... |
| CVE-2009-1721 | The decompression implementation in the Imf::hufUncompress function in ... |
| CVE-2009-1720 | Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-de ... |