{"id":"MGASA-2021-0326","summary":"Updated openexr packages fix security vulnerabilities","details":"Updated openexr packages fix security vulnerabilities:\n\nIt was discovered that OpenEXR incorrectly handled certain malformed EXR\nimage files. If a user were tricked into opening a crafted EXR image file,\na remote attacker could cause a denial of service, or possibly execute\narbitrary code (CVE-2021-3474, CVE-2021-3475, CVE-2021-3476, CVE-2021-3477,\nCVE-2021-3478, CVE-2021-3479, CVE-2021-3598, CVE-2021-3605, CVE-2021-20296,\nCVE-2021-23169, CVE-2021-23215, CVE-2021-26260).\n","modified":"2026-02-02T03:36:18.346036Z","published":"2021-07-10T12:56:54Z","related":["CVE-2021-20296","CVE-2021-23169","CVE-2021-23215","CVE-2021-26260","CVE-2021-3474","CVE-2021-3475","CVE-2021-3476","CVE-2021-3477","CVE-2021-3478","CVE-2021-3479","CVE-2021-3598","CVE-2021-3605"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0326.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29005"},{"type":"REPORT","url":"https://www.openexr.com/"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-4900-1"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-4996-1"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4KYNJSMVA6YJY5NMKDZ5SAISKZG2KCKC/"}],"affected":[{"package":{"name":"openexr","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/openexr?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3.0-2.4.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0326.json"}},{"package":{"name":"openexr","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/openexr?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5.7-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0326.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}