PT-2025-3097 · Unknown+2 · Openimageio+2
Frank-Z7
·
Published
2024-12-02
·
Updated
2025-01-27
·
CVE-2024-55192
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OpenImageIO version 3.1.0.0dev
Description
A heap overflow issue was discovered in OpenImageIO via the component OpenImageIO v3 1 0::farmhash::inlined::Fetch64(char const*).
Recommendations
For OpenImageIO version 3.1.0.0dev, as a temporary workaround, consider disabling the
Fetch64 function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Memory Corruption
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Astra Linux
Debian
Openimageio