Fluid Attacks Database

Description

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w * h * ch * buffer_bpp using signed 32-bit arithmetic. When the product exceeds INT_MAX, the result wraps to 0 or a small value. m_buf.resize() allocates an undersized buffer, and subsequent pixel write loops cause heap overflow. Conditional on USE_OPENJPH build flag. This vulnerability is fixed in 3.0.18.0 and 3.1.13.0.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 11	openimageio	=2.2.10.1+dfsg-1 \|\| =2.2.10.1+dfsg-1+deb11u1 \|\| =2.2.13.1+dfsg-1 \|\| =2.2.14.0+dfsg-1 \|\| =2.2.16.0+dfsg-1 \|\| =2.2.17.0+dfsg-1 \|\| =2.2.17.0+dfsg-2 \|\| =2.2.18.0+dfsg-1 \|\| =2.2.18.0+dfsg-2 \|\| =2.3.11.0+dfsg-1 \|\| =2.3.12.0+dfsg-1 \|\| =2.3.14.0+dfsg-1 \|\| =2.3.14.0+dfsg-2 \|\| =2.3.14.0+dfsg-3 \|\| =2.3.17.0+dfsg-1 \|\| =2.3.18.0+dfsg-1 \|\| =2.3.18.0+dfsg-2 \|\| =2.3.18.0+dfsg-3 \|\| =2.3.18.0+dfsg-4 \|\| =2.3.18.0+dfsg-5 \|\| =2.3.18.0+dfsg-6 \|\| =2.3.21.0+dfsg-1 \|\| =2.3.8.0+dfsg-1 \|\| =2.3.9.1+dfsg-1 \|\| =2.4.12.0+dfsg-1 \|\| =2.4.13.0+dfsg-1 \|\| =2.4.14.0+dfsg-1 \|\| =2.4.16.0+dfsg-1 \|\| =2.4.17.0+dfsg-1 \|\| =2.4.17.0+dfsg-1.1 \|\| =2.4.7.1+dfsg-1 \|\| =2.4.7.1+dfsg-2 \|\| =2.4.9.0+dfsg-1 \|\| =2.5.10.1+dfsg-1 \|\| =2.5.12.0+dfsg-1 \|\| =2.5.12.0+dfsg-2 \|\| =2.5.14.0+dfsg-1 \|\| =2.5.15.0+dfsg-1 \|\| =2.5.16.0+dfsg-1 \|\| =2.5.18.0+dfsg-1 \|\| =2.5.19.1+dfsg-1 \|\| =2.5.19.1+dfsg-2 \|\| =2.5.7.0+dfsg-1
debian 12	openimageio	=2.4.12.0+dfsg-1 \|\| =2.4.13.0+dfsg-1 \|\| =2.4.14.0+dfsg-1 \|\| =2.4.16.0+dfsg-1 \|\| =2.4.17.0+dfsg-1 \|\| =2.4.17.0+dfsg-1.1 \|\| =2.4.7.1+dfsg-2 \|\| =2.4.9.0+dfsg-1 \|\| =2.5.10.1+dfsg-1 \|\| =2.5.12.0+dfsg-1 \|\| =2.5.12.0+dfsg-2 \|\| =2.5.14.0+dfsg-1 \|\| =2.5.15.0+dfsg-1 \|\| =2.5.16.0+dfsg-1 \|\| =2.5.18.0+dfsg-1 \|\| =2.5.19.1+dfsg-1 \|\| =2.5.19.1+dfsg-2 \|\| =2.5.7.0+dfsg-1
debian 13	openimageio	=2.5.18.0+dfsg-1 \|\| =2.5.19.1+dfsg-1 \|\| =2.5.19.1+dfsg-2
debian 14	openimageio	=2.5.18.0+dfsg-1 \|\| =2.5.19.1+dfsg-1 \|\| =2.5.19.1+dfsg-2

Aliases

1. CVE-2026-439052. NVD-2026-439053. OSV-DEBIAN-2026-439054. OSV-2026-439055. SECURITY-TRACKER-CVE-2026-43905

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.