VDB
CVE-2022-43594
CVE-2022-43594
PUBLISHED
CVSS 5.900000095367432 MEDIUM
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files.
EPSS 0.72% · 72.8th percentile
Risk Scores
CVSS 3.1
5.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.72%
72.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openimageio | openimageio | 2.4.4.2 |
| OpenImageIO Project | OpenImageIO | v2.4.4.2 |
| debian | debian_linux | 11.0 |
Timeline
- Dec 22, 2022 CVE Published
- Dec 23, 2022 EPSS Score
- Dec 30, 2022 CVE Updated
- Feb 3, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- Jun 7, 2023 EPSS Score
- Jul 19, 2023 EPSS Score
- Aug 29, 2023 EPSS Score
- Nov 20, 2023 EPSS Score
- Jan 1, 2024 EPSS Score