AVG-1746 log

Package openexr
Status Fixed
Severity Low
Type denial of service
Affected 2.5.3-6
Fixed 2.5.4-1
Current 3.2.3-1 [extra]
Ticket None
Created Wed Mar 31 07:26:43 2021
Issue Severity Remote Type Description
CVE-2021-20296 Low No Denial of service
A flaw was found in OpenEXR in versions before 2.5.4. A crafted input file supplied by an attacker that is processed by the Dwa decompression functionality...
CVE-2021-3479 Low No Denial of service
There's a flaw in OpenEXR's Scanline API functionality in versions before 2.5.4. An attacker who is able to submit a crafted file to be processed by OpenEXR...
CVE-2021-3478 Low No Denial of service
There's a flaw in OpenEXR's scanline input file functionality in versions before 2.5.4. An attacker able to submit a crafted file to be processed by OpenEXR...
CVE-2021-3477 Low No Denial of service
There's a flaw in OpenEXR's deep tile sample size calculations in versions before 2.5.4. An attacker who is able to submit a crafted file to be processed by...
CVE-2021-3476 Low No Denial of service
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 2.5.4. An attacker who is able to submit a crafted file to OpenEXR could...
CVE-2021-3475 Low No Denial of service
There is a flaw in OpenEXR in versions before 2.5.4. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow,...
CVE-2021-3474 Low No Denial of service
There's a flaw in OpenEXR in versions before 2.5.4. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder,...