First published: Thu Mar 30 2023(Updated: )
A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability.
Credit: talos-cna@cisco.com talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Openimageio Openimageio | =2.4.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-24472 is a denial of service vulnerability in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1.
CVE-2023-24472 has a severity value of 7.5, which is classified as high severity.
The affected software for CVE-2023-24472 is OpenImageIO v2.4.7.1.
An attacker can exploit CVE-2023-24472 by providing malicious input to the FitsOutput::close() functionality of OpenImageIO, leading to denial of service.
Yes, a fix is available for CVE-2023-24472. Please refer to the vendor's advisory or update to the latest version of OpenImageIO.