OpenEXR (SUSE:Linux Enterprise Server 11 SP4-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP4-LTSS package OpenEXR, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2021-20304 — CVSS 7.5 (high): A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR…
CVE-2021-20298 — CVSS 7.5 (high): A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to…
CVE-2021-3941 — CVSS 6.5 (medium): In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) *…
CVE-2021-20303 — CVSS 6.1 (medium): A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed…
CVE-2021-3479 — CVSS 5.5 (medium): There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to…
CVE-2021-3605 — CVSS 5.5 (medium): There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an…
CVE-2021-20300 — CVSS 5.5 (medium): A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a…