4 matches found
[SECURITY] [DSA 5384-1] openimageio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5384-1 [email protected] https://www.debian.org/security/ Markus Koschany April 10, 2023 https://www.debian.org/security/faq -...
CVE-2022-41977
CVE-2022-41977 affects OpenImageIO v2.3.19.0 with an out-of-bounds read when processing TIFF string fields, enabling information disclosure via a crafted file. Debian/Gentoo advisories recommend upgrading to fixed OpenImageIO releases (e.g., Debian 2.2.10.1+dfsg-1+deb11u1 or newer) to mitigate.
CVE-2022-41977
An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
OpenImageIO TIFF file string field information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1627 OpenImageIO TIFF file string field information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41977 SUMMARY An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A...