Описание
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openimageio | fixed | 2.4.7.1+dfsg-1 | experimental | package |
| openimageio | fixed | 2.4.7.1+dfsg-2 | package |
Примечания
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1657
https://github.com/OpenImageIO/oiio/pull/3670
EPSS
Связанные уязвимости
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.
Уязвимость функции close() компонента zfileoutput библиотеки обработки изображений OpenImageIO, позволяющая нарушителю вызвать отказ в обслуживании
EPSS