CVE-2026-34544 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.…
High CVSS: 8.4

CVE-2026-34544

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that decodes it via exr_decoding_run(). Consequences range from immediate crash (most likely) to corruption of adjacent heap allocations (layout-dependent). This issue has been patched in version 3.4.8.
Vendor
-
Product
-
CWE
CWE-190
Yayın Tarihi
2026-04-01 21:17:01
Güncelleme
2026-04-03 16:10:52
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-190 HIGH 2026

Referanslar

https://github.com/AcademySoftwareFoundation/openexr/commit/35e7aa35e22c1975606be86e859f31cc1fc598ee https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v3.4.8 https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-h762-rhv3-h25v