漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, in the way run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata which can result in sensitive information leak. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
Off-by-one错误
Vulnerability Title
OpenImageIO 安全漏洞
Vulnerability Description
OpenImageIO是OpenImageIO开源的一个图像处理库。具有易于使用的界面和大量受支持的图像格式。 OpenImageIO master-branch-9aeece7a版本、v2.3.19.0版本存在安全漏洞,该漏洞源于解析器中存在堆越界读取漏洞,从而导致敏感信息泄漏。
CVSS Information
N/A
Vulnerability Type
N/A