openexr
PyPI9 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting openexrpage 1 of 1
- CVE-2017-9111HIGHCVSS 8.8EG 8.8✓ Fixed in 2.2.12017-05-21
vulnerable: 1.0.2 ... 1.3.9 (10 versions)
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
- CVE-2017-9112MEDIUMCVSS 6.5EG 6.5✓ Fixed in 2.2.12017-05-21
vulnerable: 1.0.2 ... 1.3.9 (10 versions)
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
- CVE-2025-48073MEDIUMCVSS 6.2EG 6.2✓ Fixed in 3.3.32025-07-31
vulnerable: 3.3.2
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory…
- CVE-2025-64181HIGHCVSS 7.5EG 7.5✓ Fixed in 3.3.62025-11-10
vulnerable: 3.3.0 ... 3.3.5 (6 versions)
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing `openexr_exrcheck_fuzze…
- CVE-2025-64183HIGHCVSS 7.5EG 7.5✓ Fixed in 3.2.52025-11-10
vulnerable: 3.2.3, 3.2.4
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-…
- CVE-2026-34543HIGHCVSS 7.5EG 7.52026-04-01
vulnerable: 3.2.3, 3.2.4, 3.2.5, 3.2.6
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leak…
- CVE-2026-34544HIGHCVSS 7.3EG 7.32026-04-01
vulnerable: 3.2.3, 3.2.4, 3.2.5, 3.2.6
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of…
- CVE-2026-34588HIGHCVSS 7.8EG 7.8✓ Fixed in 3.4.92026-04-06
vulnerable: 3.4.0 ... 3.4.8 (9 versions)
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.1.0 to before 3.2.7, 3.3.9, and 3.4.9, internal_exr_undo_piz() advances the working wav…
- CVE-2026-34589MEDIUMCVSS 5.0EG 5.0✓ Fixed in 3.4.92026-04-06
vulnerable: 3.4.0 ... 3.4.8 (9 versions)
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, the DWA lossy decoder constructs temporary per-c…
Check whether openexr is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for openexr CVEs against the assets you own.
Start Free Scan →