FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b6ef8a53-8062-11ec-9af3-fb232efe4d2eOpenEXR -- Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute

Cary Phillips reports:

[OpenEXR Version 3.1.4 is a] patch release that [...] addresses one public security vulnerability: CVE-2021-45942 Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute [and several] specific OSS-fuzz issues [...].


Discovery 2021-11-26
Entry 2022-01-28
openexr
lt 3.1.4

CVE-2021-45942
https://github.com/AcademySoftwareFoundation/openexr/blob/v3.1.4/CHANGES.md#version-314-january-26-2022
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41999
https://github.com/AcademySoftwareFoundation/openexr/pull/1209