CVE-2023-36183

2023-07-0321:15:09

Google

osv.dev

buffer overflow

openimageio

remote execution

arbitrary code

sensitive information

crafted file

7.8 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.4%

JSON

Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function.

CPENameOperatorVersion
openimageioeqspi-Arn3.5.91.0
openimageioeq2.4.2.0-de
openimageioeqRelease-1.1.0-beta3
openimageioeqspi-spcomp2-release-44.0
openimageioeqRelease-1.7.2de
openimageioeqspi-Arn3.5.48.0
openimageioeqRelease-1.5.5de
openimageioeqspi-spcomp2-release-47.0
openimageioeqRelease-1.8.2de
openimageioeqRelease-1.5.0de

Name	Operator	Version
openimageio	eq	spi-Arn3.5.91.0
openimageio	eq	2.4.2.0-de
openimageio	eq	Release-1.1.0-beta3
openimageio	eq	spi-spcomp2-release-44.0
openimageio	eq	Release-1.7.2de
openimageio	eq	spi-Arn3.5.48.0
openimageio	eq	Release-1.5.5de
openimageio	eq	spi-spcomp2-release-47.0
openimageio	eq	Release-1.8.2de
openimageio	eq	Release-1.5.0de