| |
Vulnerability CVE-2022-38143
Published: 2022-12-22
| Description: |
A heap out-of-bounds write vulnerability exists in the way OpenImageIO v2.3.19.0 processes RLE encoded BMP images. A specially-crafted bmp file can write to arbitrary out of bounds memory, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. |
Type:
CWE-123 (Write-what-where Condition)
References: |
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1630
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
