6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-22845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa fil...
CVE-2023-22845
An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...
Vulnerability Spotlight: Specially crafted files could lead to denial of service, information disclosure in OpenImageIO parser
Lilith of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three vulnerabilities in the OpenImageIO image-parsing library that many popular pieces of 3-D rendering software use. OpenImageIO is a library that converts, compares and processes various image files. Blende...
CVE-2023-22845
OpenImageIO OpenImageIO v2.4.7.1 contains an out-of-bounds read in TGAInput::decode_pixel() that can disclose information when processing a crafted TGA file. TALOS reports a PoC; Nessus and Gentoo advisories indicate the issue affects multiple deployments and note a patch is available in newer re...
OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...
Fedora 37 : OpenImageIO (2023-c3d65c8f7b)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c3d65c8f7b advisory. Release 2.4.8.1 13 Feb 2023 -- compared to 2.4.8.0 Fixtarga: guard against corrupted tga files Fixes TALOS-2023-1707 / CVE-2023-24473, TALOS-2023-17...