| Bug | stretch | buster | bullseye | sid | Description |
|---|
| CVE-2021-26260 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | An integer overflow leading to a heap-buffer overflow was found in the ... |
| CVE-2021-23215 | fixed | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | An integer overflow leading to a heap-buffer overflow was found in the ... |
| CVE-2021-20303 | vulnerable | vulnerable | fixed | fixed | Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer |
| CVE-2021-20302 | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | Floating-point-exception in Imf_2_5::precalculateTileInfot |
| CVE-2021-20300 | vulnerable | vulnerable | fixed | fixed | Integer-overflow in Imf_2_5::hufUncompress |
| CVE-2021-20299 | vulnerable | vulnerable | fixed | fixed | Null-dereference READ in Imf_2_5::Header::operator |
| CVE-2021-20298 | vulnerable | vulnerable (no DSA, ignored) | fixed | fixed | Out-of-memory in B44Compressor |
| CVE-2021-20296 | fixed | vulnerable (no DSA) | fixed | fixed | A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted i ... |
| CVE-2021-3605 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable | vulnerable | Heap buffer overflow in the rleUncompress function |
| CVE-2021-3598 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in ... |
| CVE-2021-3479 | fixed | vulnerable (no DSA) | fixed | fixed | There's a flaw in OpenEXR's Scanline API functionality in versions bef ... |
| CVE-2021-3478 | fixed | vulnerable (no DSA) | fixed | fixed | There's a flaw in OpenEXR's scanline input file functionality in versi ... |
| CVE-2021-3477 | fixed | vulnerable (no DSA) | fixed | fixed | There's a flaw in OpenEXR's deep tile sample size calculations in vers ... |
| CVE-2021-3476 | fixed | vulnerable (no DSA) | fixed | fixed | A flaw was found in OpenEXR's B44 uncompression functionality in versi ... |
| CVE-2021-3475 | fixed | vulnerable (no DSA) | fixed | fixed | There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker ... |
| CVE-2021-3474 | fixed | vulnerable (no DSA) | fixed | fixed | There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted inp ... |
| CVE-2020-16589 | fixed | vulnerable (no DSA) | fixed | fixed | A head-based buffer overflow exists in Academy Software Foundation Ope ... |
| CVE-2020-16588 | fixed | vulnerable (no DSA) | fixed | fixed | A Null Pointer Deference issue exists in Academy Software Foundation O ... |
| CVE-2020-16587 | fixed | vulnerable (no DSA) | fixed | fixed | A heap-based buffer overflow vulnerability exists in Academy Software ... |
| Bug | Description |
|---|
| CVE-2021-23169 | A heap-buffer overflow was found in the copyIntoFrameBuffer function o ... |
| CVE-2020-15306 | An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ... |
| CVE-2020-15305 | An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ... |
| CVE-2020-15304 | An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ... |
| CVE-2020-11765 | An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ... |
| CVE-2020-11764 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11763 | An issue was discovered in OpenEXR before 2.4.1. There is an std::vect ... |
| CVE-2020-11762 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11761 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11760 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2020-11759 | An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ... |
| CVE-2020-11758 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ... |
| CVE-2018-18444 | makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bound ... |
| CVE-2017-12596 | In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ... |
| CVE-2017-9116 | In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function ... |
| CVE-2017-9115 | In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ... |
| CVE-2017-9114 | In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ... |
| CVE-2017-9113 | In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ... |
| CVE-2017-9112 | In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ... |
| CVE-2017-9111 | In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ... |
| CVE-2017-9110 | In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function ... |
| CVE-2009-1722 | Heap-based buffer overflow in the compression implementation in OpenEX ... |
| CVE-2009-1721 | The decompression implementation in the Imf::hufUncompress function in ... |
| CVE-2009-1720 | Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-de ... |