彙總 tinyexr_project 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位與記憶體損壞 等問題,部分漏洞可能導致 應用程式崩潰,並影響 軟體部署與生產負載 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2022-38529 | tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. | [email protected] | 7.8 | 0.09% | 2022-09-06 | 2024-11-21 |
| CVE-2022-34300 | In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::DecodePixelData. | [email protected] | 8.8 | 1.29% | 2022-06-23 | 2024-11-21 |
| CVE-2020-18430 | tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS). | [email protected] | 7.5 | 0.31% | 2021-07-26 | 2024-11-21 |
| CVE-2020-18428 | tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS). | [email protected] | 7.5 | 0.31% | 2021-07-26 | 2024-11-21 |
| CVE-2020-19490 | tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | [email protected] | 5.5 | 0.17% | 2021-07-21 | 2024-11-21 |
| CVE-2018-20652 | An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which leads to an out-of-memory exception. | [email protected] | 6.5 | 0.42% | 2019-01-01 | 2024-11-21 |
| CVE-2018-12688 | tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. | [email protected] | 9.8 | 0.43% | 2018-06-22 | 2024-11-21 |
| CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. | [email protected] | 7.5 | 0.37% | 2018-06-22 | 2024-11-21 |
| CVE-2018-12504 | tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. | [email protected] | 7.5 | 0.33% | 2018-06-16 | 2024-11-21 |
| CVE-2018-12503 | tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. | [email protected] | 9.8 | 0.43% | 2018-06-16 | 2024-11-21 |
| CVE-2018-12093 | tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr.h. | [email protected] | 7.5 | 0.33% | 2018-06-11 | 2024-11-21 |
| CVE-2018-12092 | tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code. | [email protected] | 9.8 | 0.43% | 2018-06-11 | 2024-11-21 |
| CVE-2018-12064 | tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h. | [email protected] | 9.8 | 0.43% | 2018-06-08 | 2024-11-21 |