GHSA-5c39-hcvq-5xxc
GitHub Security Advisory
⚠ Unreviewed
HIGH
Has CVE
Advisory Details
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8`
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: September 16, 2025 6:29 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.