Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-3430

Опубликовано: 18 дек. 2023
Источник: debian
EPSS Низкий

Описание

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
openimageiofixed2.4.13.0+dfsg-1package
openimageiono-dsabookwormpackage
openimageiono-dsabullseyepackage
openimageiono-dsabusterpackage

Примечания

  • https://github.com/OpenImageIO/oiio/issues/3840

  • https://github.com/AcademySoftwareFoundation/OpenImageIO/pull/3841

  • https://github.com/OpenImageIO/oiio/commit/5ff2c56dd28e96f67ed8f80d8a3d1235e51f9957 (v2.4.12.0)

EPSS

Процентиль: 66%
0.00529
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-3430

CVSS3: 7.5
ubuntu
больше 1 года назад

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.

nvd логотип

CVE-2023-3430

CVSS3: 7.5
nvd
больше 1 года назад

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.

redos логотип

ROS-20240408-12

CVSS3: 7.5
redos
около 1 года назад

Уязвимость OpenImageIO

github логотип

GHSA-h9m8-8h93-r67x

CVSS3: 7.5
github
больше 1 года назад

A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.

fstec логотип

BDU:2024-02768

CVSS3: 7.5
fstec
больше 1 года назад

Уязвимость файла src/gif.imageio/gifinput.cpp библиотеки обработки изображений OpenImageIO, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 66%
0.00529
Низкий