CVE-2026-34543 in OpenEXRinfo

Zusammenfassung (Englisch)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, sensitive information from heap memory may be leaked through the decoded pixel data (information disclosure). This occurs under default settings; simply reading a malicious EXR file is sufficient to trigger the issue, without any user interaction. This issue has been patched in version 3.4.8.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Zuständig

GitHub_M

Reservieren

30.03.2026

Veröffentlichung

02.04.2026

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

IDSchwachstelleCWEAusMasCVE
354802AcademySoftwareFoundation OpenEXR Information Disclosure908Nicht definiertOffizieller FixCVE-2026-34543

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

ZurückÜbersichtWeiter

Do you want to use VulDB in your project?

Use the official API to access entries easily!