rootio-openexr Leaves OpenEXR Files Accessible on Root

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-openexr Leaves OpenEXR Files Accessible on Root

ROOT-OS-DEBIAN-12-CVE-2025-12495

Summary

A security patch has been released for the rootio-openexr package in Root:Debian:12 to prevent unauthorized access to OpenEXR image files. This affects users of Root:Debian:12 who rely on rootio-openexr. Update your system to the latest version to fix this issue.

What to do

Update rootio-openexr to version 3.1.5-5.root.io.7.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-openexr	<= 3.1.5-5.root.io.7	3.1.5-5.root.io.7

Original title

CVE-2025-12495 in rootio-openexr - Patched by Root

Original description

Root has patched CVE-2025-12495 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available.

Published: 6 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026