CVE Tools

openimageio

OSS Librariesoss-project

32

Cumulative CVEs

2

Monthly snapshots

#32

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting openimageio.

CVE-2026-43903OpenImageIO: SGI RLE decoder heap buffer overflow OIIO_DASSERT bounds checks are no-ops in release builds7.8May 14, 2026
CVE-2026-43904OpenImageIO: Softimage PIC RLE decoder heap buffer overflow — longCount not clamped to image width7.8May 14, 2026
CVE-2026-43905OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation7.8May 14, 2026
CVE-2026-43996OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder5.5May 14, 2026
CVE-2026-43907OpenImageIO: Integer overflow in QueryRGBBufferSizeInternal leads to heap out-of-bounds write in DPX decoder (kCbYCr and kABGR)8.3May 14, 2026
CVE-2026-43908OpenImageIO: Signed integer overflow in ConvertCbYCrYToRGB leads to heap out-of-bounds write in DPX 4:2:2 decoder8.8May 14, 2026
CVE-2026-43909OpenImageIO: Signed integer overflow in SwapRGBABytes loop index leads to out-of-bounds read/write in DPX ABGR decoder8.8May 14, 2026
CVE-2026-43906OpenImageIO: HEIF Heap overflow7.8May 14, 2026
CVE-2024-55194OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h.9.8Jan 23, 2025
CVE-2024-55193OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h.9.8Jan 23, 2025
CVE-2024-55192OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).9.8Jan 23, 2025
CVE-2023-3430Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp7.5Dec 18, 2023
CVE-2023-42299Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function.9.8Nov 2, 2023
CVE-2023-42295An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.c8.8Oct 23, 2023
CVE-2023-36183Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before allows a remote to execute arbitrary code and obtain sensitive information via a crafted file to the readimg function.7.8Jul 3, 2023