Vulnerability Details CVE-2022-43593
A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to null pointer dereference. An attacker can provide malicious input to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.5%
CVSS Severity
CVSS v3 Score 5.9
References
- https://security.gentoo.org/glsa/202305-33
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1652
- https://www.debian.org/security/2023/dsa-5384
- https://security.gentoo.org/glsa/202305-33
- https://talosintelligence.com/vulnerability_reports/TALOS-2022-1652
- https://www.debian.org/security/2023/dsa-5384
Products affected by CVE-2022-43593
-
cpe:2.3:a:openimageio:openimageio:2.4.4.2
-
cpe:2.3:o:debian:debian_linux:11.0