Published: 22/12/2022 Updated: 01/02/2024

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 0

Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openimageio openimageio 2.4.4.2
debian debian linux 11.0

Debian Bug report logs - #1027143 penimageio: CVE-2022-36354 CVE-2022-38143 CVE-2022-43592 CVE-2022-43593 CVE-2022-43594 CVE-2022-43595 CVE-2022-43596 CVE-2022-43597 CVE-2022-43598 CVE-2022-43599 CVE-2022-43600 CVE-2022-43601 CVE-2022-43602 CVE-2022-41639 CVE-2022-41649 CVE-2022-41684 CVE-2022-41794 CVE-2022-41837 CVE-2022-41838 CVE-2022-41977 CVE ...

Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image file is processed For the stable distribution (bullseye), t ...

CWE-476 https://talosintelligence.com/vulnerability_reports/TALOS-2022-1653 https://www.debian.org/security/2023/dsa-5384 https://security.gentoo.org/glsa/202305-33 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027143 https://www.debian.org/security/2023/dsa-5384 https://nvd.nist.gov

CVE-2022-43594

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect