Debian Openexr vulnerabilities

72 known vulnerabilities affecting debian/openexr.

Total CVEs: 72
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 16, MEDIUM 40, LOW 15

Vulnerabilities

Page 3 of 4
CVE-2021-3479 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.4-1 (bookworm) | 2021
CVE-2021-3479 [MEDIUM] openexr: There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.
Scope: local
bookworm: resolved (fixed in 2.5.4-1); bullseye: resolved (fixed in 2.5.4-1); forky: resolved (fixed
debian
CVE-2021-3475 | MEDIUM | CVSS 5.3 | fixed in openexr 2.5.4-1 (bookworm) | 2021
CVE-2021-3475 [MEDIUM] openexr: There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.
Scope: local
bookworm: resolved (fixed in 2.5.4-1); bullseye: resolved (fixed in 2.5.4-1); forky: resolved (fixed in 2.5.4-1); sid: resolved (fixed
debian
CVE-2021-26945 | LOW | CVSS 5.5 | fixed in openexr 3.1.5-2 (bookworm) | 2021
CVE-2021-26945 [MEDIUM] openexr: An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
Scope: local
bookworm: resolved (fixed in 3.1.5-2); bullseye: open; forky: resolved (fixed in 3.1.5-2); sid: resolved (fixed in 3.1.5-2); trixie: resolved (fixed in 3.1.5-2)
debian
CVE-2021-20304 | LOW | CVSS 7.5 | fixed in openexr 2.5.4-1 (bookworm) | 2021
CVE-2021-20304 [HIGH] openexr: A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. The highest threat from this vulnerability is to system availability.
Scope: local
bookworm: resolved (fixed in 2.5.4-1); bullseye: resolved (fixed in 2.5.4-1); forky: resolved (fixed in
debian
CVE-2020-11758 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11758 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2020-11763 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11763 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2020-11759 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11759 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.
debian
CVE-2020-15305 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-15305 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in
debian
CVE-2020-15304 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-15304 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (
debian
CVE-2020-16588 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-16588 [MEDIUM] openexr: A NULL pointer dereference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.
debian
CVE-2020-11764 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11764 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2020-11762 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11762 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixe
debian
CVE-2020-16589 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-16589 [MEDIUM] openexr: A heap-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in
debian
CVE-2020-16587 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-16587 [MEDIUM] openexr: A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-
debian
CVE-2020-11765 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11765 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (
debian
CVE-2020-15306 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-15306 [MEDIUM] openexr: An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2020-11761 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11761 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2020-11760 | MEDIUM | CVSS 5.5 | fixed in openexr 2.5.3-2 (bookworm) | 2020
CVE-2020-11760 [MEDIUM] openexr: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2018-18444 | LOW | CVSS 8.8 | fixed in openexr 2.5.3-2 (bookworm) | 2018
CVE-2018-18444 [HIGH] openexr: makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian
CVE-2018-18443 | LOW | CVSS 4.3 | fixed in openexr 2.5.3-2 (bookworm) | 2018
CVE-2018-18443 [MEDIUM] openexr: OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.
Scope: local
bookworm: resolved (fixed in 2.5.3-2); bullseye: resolved (fixed in 2.5.3-2); forky: resolved (fixed in 2.5.3-2); sid: resolved (fixed in 2.5.3-2); trixie: resolved (fixed in 2.5.3-2)
debian