5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
31.6%
Multiple denial of service vulnerabilities exist in the image output
closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
Specially crafted ImageOutput Objects can lead to multiple null pointer
dereferences. An attacker can provide malicious multiple inputs to trigger
these vulnerabilities.This vulnerability applies to writing .fits files.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | openimageio | < any | UNKNOWN |
ubuntu | 20.04 | noarch | openimageio | < any | UNKNOWN |
ubuntu | 22.04 | noarch | openimageio | < any | UNKNOWN |
ubuntu | 23.10 | noarch | openimageio | < any | UNKNOWN |
ubuntu | 24.04 | noarch | openimageio | < any | UNKNOWN |
ubuntu | 16.04 | noarch | openimageio | < any | UNKNOWN |