Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in OpenImageIO.
Software Description:
- openimageio: Library for reading and writing images
Details:
It was discovered that OpenImageIO incorrectly performed bounds
checking when processing SGI files. An attacker could possibly
use this issue to cause a denial of service or execute arbitrary
code. (CVE-2026-43903)
It was discovered that OpenImageIO incorrectly handled run-length
encoding when processing Softimage PIC files. An attacker
could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2026-43904)
It was discovered that OpenImageIO incorrectly validated subimage
metadata when processing HEIF files. An attacker could
possibly use this issue to cause a denial of service or execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu
24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-43906)
It was discovered that OpenImageIO contained multiple integer
overflow vulnerabilities when processing DPX files...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libopenimageio-dev 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.5 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 24.04 LTS
libopenimageio-dev 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.4t64 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libopenimageio-dev 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.1 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libopenimageio-dev 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
libopenimageio1.7 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
openimageio-tools 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
python-openimageio 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libopenimageio-dev 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
libopenimageio1.6 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
openimageio-tools 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
python-openimageio 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8438-1
CVE-2026-43903, CVE-2026-43904, CVE-2026-43906, CVE-2026-43907,
CVE-2026-43908, CVE-2026-43909
Get the latest Linux and open source security news straight to your inbox.