Vulnerabilities > Openimageio > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-3430 | Out-of-bounds Write vulnerability in Openimageio 2.4.11 A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. | 7.5 |
| 2023-10-23 | CVE-2023-42295 | Integer Overflow or Wraparound vulnerability in Openimageio 2.4.12.0 An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.c | 8.8 |
| 2023-07-03 | CVE-2023-36183 | Classic Buffer Overflow vulnerability in Openimageio Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function. | 7.8 |
| 2023-03-30 | CVE-2023-24472 | Uncontrolled Recursion vulnerability in Openimageio 2.4.7.1 A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. | 7.5 |
| 2022-12-22 | CVE-2022-41981 | Stack-based Buffer Overflow vulnerability in multiple products A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. | 8.1 |
| 2022-12-22 | CVE-2022-41988 | Out-of-bounds Read vulnerability in multiple products An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. | 7.5 |
| 2022-12-22 | CVE-2022-41999 | NULL Pointer Dereference vulnerability in multiple products A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and v2.4.4.2. | 7.5 |
| 2022-12-22 | CVE-2022-43597 | Heap-based Buffer Overflow vulnerability in multiple products Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. | 8.1 |
| 2022-12-22 | CVE-2022-43598 | Heap-based Buffer Overflow vulnerability in multiple products Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. | 8.1 |
| 2022-12-22 | CVE-2022-43599 | Heap-based Buffer Overflow vulnerability in multiple products Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. | 8.1 |