Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-5384-1 openimageio -- security update

Related Vulnerabilities: CVE-2022-36354   CVE-2022-41639   CVE-2022-41649   CVE-2022-41684   CVE-2022-41794   CVE-2022-41837   CVE-2022-41838   CVE-2022-41977   CVE-2022-41981   CVE-2022-41988   CVE-2022-41999   CVE-2022-43592   CVE-2022-43593   CVE-2022-43594   CVE-2022-43595   CVE-2022-43596   CVE-2022-43597   CVE-2022-43598   CVE-2022-43599   CVE-2022-43600   CVE-2022-43601   CVE-2022-43602   CVE-2022-43603  

Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images. Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image file is processed. For the stable distribution (bullseye), these problems have been fixed in version 2.2.10.1+dfsg-1+deb11u1. We recommend that you upgrade your openimageio packages. For the detailed security status of openimageio please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openimageio

Source

Debian Security Advisory

DSA-5384-1 openimageio -- security update

Date Reported:
10 Apr 2023
Affected Packages:
openimageio
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 1027143, Bug 1027808.
In Mitre's CVE dictionary: CVE-2022-36354, CVE-2022-41639, CVE-2022-41649, CVE-2022-41684, CVE-2022-41794, CVE-2022-41837, CVE-2022-41838, CVE-2022-41977, CVE-2022-41981, CVE-2022-41988, CVE-2022-41999, CVE-2022-43592, CVE-2022-43593, CVE-2022-43594, CVE-2022-43595, CVE-2022-43596, CVE-2022-43597, CVE-2022-43598, CVE-2022-43599, CVE-2022-43600, CVE-2022-43601, CVE-2022-43602, CVE-2022-43603.
More information:

Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images. Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image file is processed.

For the stable distribution (bullseye), these problems have been fixed in version 2.2.10.1+dfsg-1+deb11u1.

We recommend that you upgrade your openimageio packages.

For the detailed security status of openimageio please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openimageio

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started