CVE-2022-43603

Published: 22/12/2022 Updated: 30/05/2023
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 0

Vulnerability Summary

A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.

Vulnerable Product

openimageio openimageio 2.4.4.2

debian debian linux 11.0

Vendor Advisories

Debian Bug report logs - #1027808 openimageio: CVE-2022-43603 CVE-2022-41999. Package: src:openimageio; Maintainer for src:openimageio is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>; Date: Tue, 3 Jan 2023 15:42:02 UTC; Severity: importan ...

Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images. Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image file is processed. For the stable distribution (bullseye), t ...