3 matches found
[SECURITY] [DSA 5384-1] openimageio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5384-1 [email protected] https://www.debian.org/security/ Markus Koschany April 10, 2023 https://www.debian.org/security/faq -...
CVE-2022-41838
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2022-41838
CVE-2022-41838: OpenImageIO v2.4.4.2 DDS scanline parsing contains a heap buffer overflow when processing a specially crafted .dds, enabling code execution as described in multiple advisories. Connected sources indicate remediation via upgrading to OpenImageIO 2.4.6.0 or newer (e.g., Gentoo/Magei...