Summary
Detail | |||
---|---|---|---|
Vendor | Tinyexr Project | First view | 2018-06-08 |
Product | Tinyexr | Last view | 2022-09-06 |
Version | Type | Application | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:a:tinyexr_project:tinyexr:0.9.5:*:*:*:*:*:*:* | 11 |
cpe:2.3:a:tinyexr_project:tinyexr:1.0.1:*:*:*:*:*:*:* | 1 |
cpe:2.3:a:tinyexr_project:tinyexr:2022-06-28:*:*:*:*:*:*:* | 1 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2022-09-06 | CVE-2022-38529 | tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. |
8.8 | 2022-06-23 | CVE-2022-34300 | In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. |
7.5 | 2021-07-26 | CVE-2020-18430 | tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS). |
7.5 | 2021-07-26 | CVE-2020-18428 | tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS). |
5.5 | 2021-07-21 | CVE-2020-19490 | tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. |
6.5 | 2019-01-01 | CVE-2018-20652 | An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which leads to an out-of-memory exception. |
9.8 | 2018-06-22 | CVE-2018-12688 | tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. |
7.5 | 2018-06-22 | CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. |
7.5 | 2018-06-16 | CVE-2018-12504 | tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. |
9.8 | 2018-06-16 | CVE-2018-12503 | tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. |
7.5 | 2018-06-11 | CVE-2018-12093 | tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr.h. |
9.8 | 2018-06-11 | CVE-2018-12092 | tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. |
9.8 | 2018-06-08 | CVE-2018-12064 | tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
30% (4) | CWE-125 | Out-of-bounds Read |
15% (2) | CWE-617 | Reachable Assertion |
15% (2) | CWE-129 | Improper Validation of Array Index |
7% (1) | CWE-787 | Out-of-bounds Write |
7% (1) | CWE-772 | Missing Release of Resource after Effective Lifetime |
7% (1) | CWE-770 | Allocation of Resources Without Limits or Throttling |
7% (1) | CWE-190 | Integer Overflow or Wraparound |
7% (1) | CWE-20 | Improper Input Validation |