CVE-2022-43598

Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1655 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:openimageio_project:openimageio:2.4.4.2:*:*:*:*:*:*:*

Information

Published : 2022-12-22 10:15

Updated : 2022-12-30 09:29


NVD link : CVE-2022-43598

Mitre link : CVE-2022-43598

Products Affected
No products.
CWE