以下是通过简洁的markdown格式从网页截图中获取的关键漏洞信息: Talos Vulnerability Report Identifier: TALOS-2022-1633 Vulnerability: OpenImageIO TIFF tile pels decoding heap-based buffer overflow CVE: CVE-2022-41639 Summary: A heap-based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. Confirmed Vulnerable Versions: OpenImageIO Project OpenImageIO/master-branch-9aeece7a OpenImageIO Project OpenImageIO/v2.3.19.0 Timeline: 2022-10-19: Initial Vendor Contact 2022-10-20: Vendor Disclosure 2022-11-01: Vendor Patch Release 2022-12-22: Public Release Credit: Discovered by Lilith->aiiio of Cisco Talos. CWE: CWE-122 - Heap-based Buffer Overflow CVSSv3 Score: 9.8 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H