OpenImageIO RLA format rle span out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1629 OpenImageIO RLA format rle span out-of-bounds read vulnerability December 22, 2022 CVE Number CVE-2022-36354 SUMMARY A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More...

OpenImageIO TIFF tile pels decoding heap-based buffer overflow

Talos Vulnerability Report TALOS-2022-1633 OpenImageIO TIFF tile pels decoding heap-based buffer overflow December 22, 2022 CVE Number CVE-2022-41639 SUMMARY A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and...

OpenImageIO Project OpenImageIO DPXOutput::close() information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1651 OpenImageIO Project OpenImageIO DPXOutput::close information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-43592 SUMMARY An information disclosure vulnerability exists in the DPXOutput::close functionality of OpenImageIO Project...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an image read and write library that also provides several tools and applications. a heap buffer overflow vulnerability exists in the PSD thumbnail resource parsing code in OpenImageIO v2.3.19.0. An attacker can exploit this vulnerability to cause arbitrary code execution via...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is OpenImageIO open source an image processing library . With an easy-to-use interface and a large number of supported image formats. OpenImageIO v2.4.4.2 version of a security vulnerability , the vulnerability stems from its IFFOutput alignment padding feature allows an attacker to...

OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1630 OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability December 22, 2022 CVE Number CVE-2022-38143 SUMMARY A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted...

OpenImageIO TGA Format Stack Buffer Overflow Vulnerability

Talos Vulnerability Report TALOS-2022-1628 OpenImageIO TGA Format Stack Buffer Overflow Vulnerability December 22, 2022 CVE Number CVE-2022-41981 SUMMARY A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can...

OpenImageIO DDS scanline parsing code execution vulnerability

Talos Vulnerability Report TALOS-2022-1634 OpenImageIO DDS scanline parsing code execution vulnerability December 22, 2022 CVE Number CVE-2022-41838 SUMMARY A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A...

OpenImageIO DDS native tile reading denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1635 OpenImageIO DDS native tile reading denial of service vulnerability December 22, 2022 CVE Number CVE-2022-41999 SUMMARY A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and...

OpenImageIO Exif out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1636 OpenImageIO Exif out-of-bounds write vulnerability December 22, 2022 CVE Number CVE-2022-41837 SUMMARY An out-of-bounds write vulnerability exists in the OpenImageIO::addexifitemtospec functionality of OpenImageIO Project OpenImageIO v2.4.4.2...

OpenImageIO Project OpenImageIO DPXOutput::close() denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1652 OpenImageIO Project OpenImageIO DPXOutput::close denial of service vulnerability December 22, 2022 CVE Number CVE-2022-43593 SUMMARY A denial of service vulnerability exists in the DPXOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.4....

PT-2022-6815 · Unknown +1 · Openimageio +1

Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.4.4.2 Description: Multiple code execution vulnerabilities exist in the IFFOutput::close functionality. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input t...

PT-2022-6816 · Unknown +1 · Openimageio +1

Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.4.4.2 Description: The issue is related to a buffer overflow in the close function of the iffoutput component in the OpenImageIO library. This can be exploited by a remote attacker using a specially crafted file,...

PT-2022-6812 · Unknown +1 · Openimageio +1

Name of the Vulnerable Software and Affected Versions: OpenImageIO versions 2.4.4.2 Description: The issue is related to a memory buffer overflow in the IFFOutput component of the OpenImageIO library. This can allow a remote attacker to access confidential data, compromise its integrity, and caus...

PT-2022-6814 · Unknown +1 · Openimageio +1

Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.4.4.2 Description: Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of OpenImageIO. A specially crafted ImageOutput Object can lead to a heap buffer overflow. This issue arises when the...

PT-2022-6795 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO versions prior to v2.3.20 OpenImageIO master-branch-9aeece7a and v2.3.19.0 Description: A heap out-of-bounds read issue exists in the RLA format parser of OpenImageIO, specifically in the handling of run-length encoded byte spans...

PT-2022-6801 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO version v2.3.19.0 Description: An out of bounds read issue exists in the way OpenImageIO processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a...

PT-2022-6799 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO versions master-branch-9aeece7a through v2.3.19.0 Description: A heap-based buffer overflow vulnerability exists in the tile decoding code of the TIFF image parser. This issue can be triggered by a specially-crafted TIFF file,...

PT-2022-6803 · Unknown +2 · Openimageio +2

Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.3.19.0 Description: An information disclosure issue exists in the OpenImageIO::decode iptc iim functionality. This is related to reading beyond the valid boundaries of a data buffer. A specially-crafted TIFF file can lea...

PT-2022-7113 · Unknown +1 · Openimageio +1

Name of the Vulnerable Software and Affected Versions: OpenImageIO version 2.3.19.0 Description: A heap out of bounds read issue exists in the handling of IPTC data while parsing TIFF images. This can be triggered by a specially-crafted TIFF file, causing a read of adjacent heap memory and...