CVE-2022-43594 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-43594 Interim 1 3 2025-02-16T02:51:00Z current 2022-12-31T00:39:21Z 2025-02-16T02:51:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-43594 Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed OpenImageIO-2.4.6.0-1.1 OpenImageIO-devel-2.4.6.0-1.1 libOpenImageIO2_4-2.4.6.0-1.1 libOpenImageIO_Util2_4-2.4.6.0-1.1 python3-OpenImageIO-2.4.6.0-1.1 OpenImageIO-2.4.6.0-1.1 as a component of openSUSE Tumbleweed OpenImageIO-devel-2.4.6.0-1.1 as a component of openSUSE Tumbleweed libOpenImageIO2_4-2.4.6.0-1.1 as a component of openSUSE Tumbleweed libOpenImageIO_Util2_4-2.4.6.0-1.1 as a component of openSUSE Tumbleweed python3-OpenImageIO-2.4.6.0-1.1 as a component of openSUSE Tumbleweed Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. Specially crafted ImageOutput Objects can lead to multiple null pointer dereferences. An attacker can provide malicious multiple inputs to trigger these vulnerabilities.This vulnerability applies to writing .bmp files. CVE-2022-43594 openSUSE Tumbleweed:OpenImageIO-2.4.6.0-1.1 openSUSE Tumbleweed:OpenImageIO-devel-2.4.6.0-1.1 openSUSE Tumbleweed:libOpenImageIO2_4-2.4.6.0-1.1 openSUSE Tumbleweed:libOpenImageIO_Util2_4-2.4.6.0-1.1 openSUSE Tumbleweed:python3-OpenImageIO-2.4.6.0-1.1 moderate 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H