4 matches found
EUVD-2026-30404
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a heap-based buffer overflow in the HEIF decoder of OpenImageIO allows out-of-bounds writes via crafted images due to a subimage metada...
CVE-2024-40630
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation via a format-agnostic API with a feature set, scalability, and robustness needed for feature film production. In affected versions there is a bug in the heif input...
CVE-2024-40630
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation via a format-agnostic API with a feature set, scalability, and robustness needed for feature film production. In affected versions there is a bug in the heif input...
CVE-2024-40630
OpenImageIO (OIIO) OpenImageIO’s HEIF input path contains a bug in HeifInput::seek_subimage() that can lead to information disclosure in affected builds. The issue is documented as part of CVE-2024-40630; remediation is to upgrade to OpenImageIO 2.5.13.1 or later, where the patch (commit 0a2dcb4c...