CVE-2023-24473

An information disclosure vulnerability exists in the TGAInput::readtga2header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-24473

An information disclosure vulnerability exists in the TGAInput::readtga2header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-24472

OpenImageIO vulnerability CVE-2023-24472 affects OpenImageIO v2.4.7.1, in FitsOutput::close() where a crafted ImageOutput can cause denial of service. Exploitation details are documented by Talos/Cisco (TALOS-2023-1709) and Gentoo GLSA-202506-09, with remediation advising upgrade to newer OpenIma...

CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-24472

A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability...

CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-22845

An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2023-24472

A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability...

CVE-2023-22845

OpenImageIO OpenImageIO v2.4.7.1 contains an out-of-bounds read in TGAInput::decode_pixel() that can disclose information when processing a crafted TGA file. TALOS reports a PoC; Nessus and Gentoo advisories indicate the issue affects multiple deployments and note a patch is available in newer re...

CVE-2023-24472

A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability...

OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...

OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1707 OpenImageIO Project OpenImageIO TGAInput::readtga2header information disclosure vulnerability March 30, 2023 CVE Number CVE-2023-24473 SUMMARY An information disclosure vulnerability exists in the TGAInput::readtga2header functionality of OpenImageIO...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A buffer error vulnerability exists in OpenImageIO version v2.4.7.1. An attacker exploiting this vulnerability could cause sensitive information to be...

OpenImageIO 安全漏洞

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats . OpenImageIO v2.4.7.1 version of a security vulnerability , the vulnerability stems from the existence of a denial of service vulnerability , an attack...

OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close denial of service vulnerability March 30, 2023 CVE Number CVE-2023-24472 SUMMARY A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is OpenImageIO open source an image processing library . With an easy to use interface and a large number of supported image formats. A buffer error vulnerability exists in OpenImageIO version v2.4.7.1, which stems from an out-of-bounds read vulnerability that can be exploited by an...

Fedora: Security Advisory for OpenImageIO (FEDORA-2023-c3d65c8f7b)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: OpenImageIO-2.4.8.1-1.fc37

OpenImageIO is a library for reading and writing images, and a bunch of relat ed classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading a nd writing 2D images that is format agnostic. - Format plugins for TIFF,...

Fedora 37 : OpenImageIO (2023-c3d65c8f7b)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c3d65c8f7b advisory. Release 2.4.8.1 13 Feb 2023 -- compared to 2.4.8.0 Fixtarga: guard against corrupted tga files Fixes TALOS-2023-1707 / CVE-2023-24473, TALOS-2023-17...

SUSE CVE-2022-36354

A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensiti...