Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-8dam-3q6k-pbfs
Vulnerability ID VCID-8dam-3q6k-pbfs
Aliases CVE-2009-1722
Summary Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Status Published
Exploitability 0.5
Weighted Severity 0.1
Risk 0.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
epss 0.10851 https://api.first.org/data/v1/epss?cve=CVE-2009-1722
epss 0.10851 https://api.first.org/data/v1/epss?cve=CVE-2009-1722
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1722.json
https://api.first.org/data/v1/epss?cve=CVE-2009-1722
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722
514016 https://bugzilla.redhat.com/show_bug.cgi?id=514016
540424 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540424
USN-831-1 https://usn.ubuntu.com/831-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.93538
EPSS Score 0.10851
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:24:17.595683+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0