Vulnerabilities > CVE-2022-43594 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
high complexity
openimageio
debian
CWE-476

Summary

Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files.

Vulnerable Configurations

Part Description Count
Application
Openimageio
1
OS
Debian
1

Common Weakness Enumeration (CWE)