Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

OpenImageIO — Vulnerabilities & Security Advisories 38

All 38 CVE vulnerabilities found in OpenImageIO, with AI-generated Chinese analysis, references, and POCs.

OpenImageIO is a vendor product associated with common weakness enumeration vulnerabilities tagged under its specific software ecosystem. This aggregation page collects data regarding security vulnerabilities, software errors, and configuration issues that have been identified within the OpenImageIO library and its associated distribution packages over the last decade. It serves as a centralized repository for tracking the evolution of these security flaws, ensuring that developers and security researchers have access to a comprehensive historical record of reported incidents. By utilizing this resource, users can efficiently track vendor advisories from major open-source maintainers and understand the context of specific weakness classes as they apply to image processing libraries. The page allows for deep analysis of a product's vulnerability history, facilitating better risk assessment and remediation strategies for teams relying on OpenImageIO for rendering and file conversion tasks. It eliminates the need to search multiple disparate sources by grouping related findings and providing clear references to upstream fixes and downstream patch notes. This structured approach helps stakeholders identify recurring patterns in software defects, such as buffer overflows or memory management errors, which are prevalent in complex C++ codebases. The information presented is intended to support technical due diligence and continuous integration security scanning processes without introducing bias or promotional content.

Vendor: OpenImageIO Project

CVE IDTitleCVSSSeverityPublished
CVE-2026-43903 OpenImageIO: SGI RLE decoder heap buffer overflow OIIO_DASSERT bounds checks are no-ops in release builds CWE-787--2026-05-14
CVE-2026-43904 OpenImageIO: Softimage PIC RLE decoder heap buffer overflow — longCount not clamped to image width CWE-787--2026-05-14
CVE-2026-43905 OpenImageIO: JPEG2000 (OpenJPH) signed integer overflow in buffer allocation CWE-190--2026-05-14
CVE-2026-43996 OpenImageIO: Integer wraparound in bounds check of decode_pixel leads to out-of-bounds read in TGA paletted image decoder CWE-125 5.5 Medium2026-05-14
CVE-2026-43907 OpenImageIO: Integer overflow in QueryRGBBufferSizeInternal leads to heap out-of-bounds write in DPX decoder (kCbYCr and kABGR) CWE-190 8.3 High2026-05-14
CVE-2026-43908 OpenImageIO: Signed integer overflow in ConvertCbYCrYToRGB leads to heap out-of-bounds write in DPX 4:2:2 decoder CWE-190 8.8 High2026-05-14
CVE-2026-43909 OpenImageIO: Signed integer overflow in SwapRGBABytes loop index leads to out-of-bounds read/write in DPX ABGR decoder CWE-125 8.8 High2026-05-14
CVE-2026-43906 OpenImageIO: HEIF Heap overflow CWE-122--2026-05-14
CVE-2026-7582 AcademySoftwareFoundation OpenImageIO DDS Image ddsinput.cpp out-of-bounds write CWE-787 5.3 Medium2026-05-01
CVE-2024-40630 HEIF Heap OOB Read in OpenImageIO CWE-125 4.3 Medium2024-07-15
CVE-2023-3430 Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp CWE-122 7.5 High2023-12-18
CVE-2023-24473 OpenImageIO 缓冲区错误漏洞 CWE-125 5.3 Medium2023-03-30
CVE-2023-22845 OpenImageIO 缓冲区错误漏洞 CWE-125 7.5 High2023-03-30
CVE-2023-24472 OpenImageIO 安全漏洞 CWE-674 7.5 High2023-03-30
CVE-2022-43599 OpenImageIO 安全漏洞 CWE-122 8.1 -2022-12-23
CVE-2022-43603 OpenImageIO 代码问题漏洞 CWE-476 7.5 -2022-12-23
CVE-2022-43602 OpenImageIO 安全漏洞 CWE-122 8.1 -2022-12-23
CVE-2022-43601 OpenImageIO 安全漏洞 CWE-122 8.1 -2022-12-23
CVE-2022-43600 OpenImageIO 安全漏洞 CWE-122 8.1 -2022-12-23
CVE-2022-41988 OpenImageIO 缓冲区错误漏洞 CWE-125 7.5 -2022-12-23
CVE-2022-38143 OpenImageIO 缓冲区错误漏洞 CWE-123 9.8 -2022-12-23
CVE-2022-41639 OpenImageIO 缓冲区错误漏洞 CWE-122 9.8 -2022-12-23
CVE-2022-41649 OpenImageIO 缓冲区错误漏洞 CWE-125 7.4 -2022-12-23
CVE-2022-41684 OpenImageIO 缓冲区错误漏洞 CWE-125 6.5 -2022-12-23
CVE-2022-41794 OpenImageIO 缓冲区错误漏洞 CWE-122 9.8 -2022-12-23
CVE-2022-41837 OpenImageIO 缓冲区错误漏洞 CWE-562 9.8 -2022-12-23
CVE-2022-41838 OpenImageIO 缓冲区错误漏洞 CWE-122 9.8 -2022-12-23
CVE-2022-41977 OpenImageIO 缓冲区错误漏洞 CWE-125 4.0 -2022-12-23
CVE-2022-41981 OpenImageIO 缓冲区错误漏洞 CWE-121 8.1 High2022-12-23
CVE-2022-36354 OpenImageIO 安全漏洞 CWE-193 5.3 Medium2022-12-23

All 38 known CVE vulnerabilities affecting OpenImageIO with full Chinese analysis, references, and POCs where available.