syoyo/tinyexr
GitHub
CVE History
| CVE | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|
| 7.8 HIGH | — | ||
tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. | |||
| 8.8 HIGH | 6.8 MEDIUM | ||
In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. | |||
| 7.5 HIGH | 5 MEDIUM | ||
tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS). | |||
| 7.5 HIGH | 5 MEDIUM | ||
tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS). | |||
| 5.5 MEDIUM | 4.3 MEDIUM | ||
tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | |||
| — | 4.3 MEDIUM | ||
An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which leads to an out-of-memory exception. | |||
| — | 5 MEDIUM | ||
tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. | |||
| — | 7.5 HIGH | ||
tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. | |||
| — | 7.5 HIGH | ||
tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. | |||
| — | 5 MEDIUM | ||
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. | |||
| — | 7.5 HIGH | ||
tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | |||
| — | 5 MEDIUM | ||
tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr.h. | |||