VDB

CVE-2022-43603

CVE-2022-43603 PUBLISHED CVSS 5.900000095367432 MEDIUM

A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide a malicious file to trigger this vulnerability.

EPSS 0.72% · 73.0th percentile

Risk Scores

CVSS 3.0
5.900000095367432
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.72%
73.0th percentile

Affected Products

VendorProductVersions
openimageioopenimageio2.4.4.2
OpenImageIO ProjectOpenImageIOv2.4.4.2
debiandebian_linux11.0

Timeline

  • Dec 22, 2022 CVE Published
  • Dec 23, 2022 EPSS Score
  • Feb 3, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 16, 2023 EPSS Score
  • Jun 7, 2023 EPSS Score
  • Jul 19, 2023 EPSS Score
  • Aug 29, 2023 EPSS Score
  • Oct 10, 2023 EPSS Score
  • Nov 20, 2023 EPSS Score
  • Jan 1, 2024 EPSS Score
  • Feb 11, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›