Vulnerabilities > Openimageio

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-41649 Out-of-bounds Read vulnerability in multiple products
A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0.
network
low complexity
openimageio debian CWE-125
critical
9.1
2022-12-22 CVE-2022-41684 Out-of-bounds Read vulnerability in Openimageio 20220914
A heap out of bounds read vulnerability exists in the OpenImageIO master-branch-9aeece7a when parsing the image file directory part of a PSD image file.
local
low complexity
openimageio CWE-125
5.5
2022-12-22 CVE-2022-41794 Heap-based Buffer Overflow vulnerability in multiple products
A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0.
network
low complexity
openimageio debian CWE-122
critical
9.8
2022-12-22 CVE-2022-41837 Return of Stack Variable Address vulnerability in multiple products
An out-of-bounds write vulnerability exists in the OpenImageIO::add_exif_item_to_spec functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
low complexity
openimageio debian CWE-562
critical
9.8
2022-12-22 CVE-2022-41838 Heap-based Buffer Overflow vulnerability in multiple products
A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
low complexity
openimageio debian CWE-122
critical
9.8
2022-12-22 CVE-2022-41977 Out-of-bounds Read vulnerability in Openimageio 2.3.19.0
An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files.
local
low complexity
openimageio CWE-125
3.3
2022-12-22 CVE-2022-41981 Stack-based Buffer Overflow vulnerability in multiple products
A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0.
network
high complexity
openimageio debian CWE-121
8.1
2022-12-22 CVE-2022-41988 Out-of-bounds Read vulnerability in multiple products
An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0.
network
low complexity
openimageio debian CWE-125
7.5
2022-12-22 CVE-2022-41999 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2.
network
low complexity
openimageio debian CWE-476
7.5
2022-12-22 CVE-2022-43592 Out-of-bounds Read vulnerability in multiple products
An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-125
5.9