First published: Thu Mar 30 2023(Updated: )
An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Openimageio Openimageio | =2.4.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this information disclosure vulnerability is CVE-2023-24473.
The affected software is OpenImageIO Project OpenImageIO version 2.4.7.1.
The severity of CVE-2023-24473 is high with a CVSS score of 7.5.
The vulnerability allows a specially crafted targa file to disclose sensitive information.
An attacker can provide a malicious file to trigger the information disclosure vulnerability.