3 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-42450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte...
Buffer Overflow
Overview Affected versions of this package are vulnerable to Buffer Overflow in the sscanf process when parsing LUT data lines from .spi3d files. An attacker can cause arbitrary code execution or application crash by supplying a specially crafted .spi3d file containing excessively long input line...
CVE-2026-42450
OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte stack buffers when parsing LUT data lines. Input comes from lineBuffer4096, so a crafted .spi3d file can overflow by 4000 bytes on...