A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=2218380 | Issue Tracking Third Party Advisory |
https://github.com/AcademySoftwareFoundation/OpenImageIO/issues/3840 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
22 Dec 2023, 18:44
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CPE | cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:* cpe:2.3:a:openimageio:openimageio:2.4.11:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References |
|
|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2218380 - Issue Tracking, Third Party Advisory | |
First Time |
Redhat
Openimageio Openimageio openimageio Redhat linux |
18 Dec 2023, 15:04
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-18 14:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-3430
Mitre link : CVE-2023-3430
CVE.ORG link : CVE-2023-3430
JSON object : View
Products Affected
openimageio
- openimageio
redhat
- linux