Lucene search
China National Vulnerability DatabaseCNVD-2023-01791HistoryDec 23, 2022 - 12:00 a.m.
OpenImageIO Code Execution Vulnerability (CNVD-2023-01791)
2022-12-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
openimageio
code execution
vulnerability
iffoutput
imageoutput
heap buffer overflow
security
cnvd-2023-01791
image format
EPSS
0.013
Percentile
86.3%
A code execution vulnerability exists in the OpenImageIO IFFOutput::close() function, which is an image read/write library that also provides tools and applications. An attacker can use this vulnerability to cause a heap buffer overflow via a specially crafted ImageOutput object (when the “xmax” variable is set to 0xFFFF and “m_spec.format” is “typeDesc::UINT16”).
Related
nvd
nvd
CVE-2022-43600
2022-12-22 22:15:16
cvelist
cvelist
CVE-2022-43600
2022-12-23 23:03:51
ubuntucve
ubuntucve
CVE-2022-43600
2022-12-22 00:00:00
debiancve
debiancve
CVE-2022-43600
2022-12-23 23:03:51
prion
prion
Heap overflow
2022-12-22 22:15:00
osv
osv
CVE-2022-43600
2022-12-22 22:15:16
openimageio - security update
2023-04-05 00:00:00
openimageio - security update
2023-04-10 00:00:00
cve
cve
CVE-2022-43600
2022-12-23 23:03:51
talos
talos
OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability
2022-12-22 00:00:00
nessus
nessus
Debian DLA-3382-1 : openimageio - LTS security update
2023-04-10 00:00:00
Debian DSA-5384-1 : openimageio - security update
2023-04-11 00:00:00
GLSA-202305-33 : OpenImageIO: Multiple Vulnerabilities
2023-05-30 00:00:00
debian
debian
[SECURITY] [DLA 3382-1] openimageio security update
2023-04-04 23:34:51
[SECURITY] [DSA 5384-1] openimageio security update
2023-04-10 09:18:20
openvas
openvas
Debian: Security Advisory (DLA-3382-1)
2023-04-11 00:00:00
Debian: Security Advisory (DSA-5384-1)
2023-04-11 00:00:00
Mageia: Security Advisory (MGASA-2023-0151)
2023-04-24 00:00:00
mageia
mageia
Updated openimageio packages fix security vulnerability
2023-04-24 03:20:26
gentoo
gentoo
OpenImageIO: Multiple Vulnerabilities
2023-05-30 00:00:00