An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1707 | Exploit Third Party Advisory |
Configurations
History
05 Apr 2023, 14:26
Type | Values Removed | Values Added |
---|---|---|
First Time |
Openimageio openimageio
Openimageio |
|
References | (MISC) https://talosintelligence.com/vulnerability_reports/TALOS-2023-1707 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:openimageio:openimageio:2.4.7.1:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
30 Mar 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-30 16:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-24473
Mitre link : CVE-2023-24473
CVE.ORG link : CVE-2023-24473
JSON object : View
Products Affected
openimageio
- openimageio
CWE
CWE-125
Out-of-bounds Read