CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
39.9%
A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service.
Vendor | Product | Version | CPE |
---|---|---|---|
openimageio | openimageio | 2.4.11 | cpe:2.3:a:openimageio:openimageio:2.4.11:*:*:*:*:*:*:* |
redhat | linux | - | cpe:2.3:o:redhat:linux:-:*:*:*:*:*:*:* |