Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
5DescriptionGitHub Advisory
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 (mixed RLE) and :345 (pure RLE) do not clamp the run length to remaining scanline width before writing pixels. The raw packet path (line 403) correctly clamps with std::min, but RLE paths skip this check. A crafted .pic file causes heap overflow up to 65535 bytes. This vulnerability is fixed in 3.0.18.0 and 3.1.13.0.
AnalysisAI
Heap buffer overflow in OpenImageIO versions before 3.0.18.0 and 3.1.13.0 allows local attackers to corrupt up to 65,535 bytes of memory via malicious Softimage .pic files. The vulnerability arises when processing RLE-compressed images where run-length validation is missing in two code paths (softimageinput.cpp lines 469 and 345), though the raw packet path correctly implements bounds checking. EPSS data not available. Not listed in CISA KEV. Patches released by Academy Software Foundation in versions 3.0.18.0 and 3.1.13.0.
Technical ContextAI
OpenImageIO is a widely-used library in VFX and animation pipelines for image I/O operations across multiple formats. The vulnerability affects the Softimage PIC format parser (softimageinput.cpp), specifically in RLE (Run-Length Encoding) decompression logic. CWE-787 (Out-of-bounds Write) occurs because the mixed RLE path (line 469) and pure RLE path (line 345) fail to validate run-length values against remaining scanline width before writing decoded pixels to the heap buffer. The raw packet decompression path (line 403) correctly uses std::min() to clamp values, demonstrating inconsistent input validation across the parser. RLE compression stores pixel runs as length-value pairs; without bounds checking, an attacker-controlled length field up to 0xFFFF can cause writes beyond allocated buffer boundaries. The CPE string cpe:2.3:a:academysoftwarefoundation:openimageio indicates this is the Academy Software Foundation's implementation used across production pipelines.
RemediationAI
Upgrade to OpenImageIO version 3.0.18.0 or later for the 3.0 branch, or version 3.1.13.0 or later for the 3.1 branch, as confirmed in GitHub Security Advisory GHSA-4499-j545-7q33 (https://github.com/AcademySoftwareFoundation/OpenImageIO/security/advisories/GHSA-4499-j545-7q33). If immediate patching is infeasible, implement strict input validation by blocking Softimage .pic file processing from untrusted sources, though this eliminates legitimate workflow functionality for studios using this legacy format. Deploy application sandboxing (AppArmor, SELinux, containers) to contain potential heap corruption impact, accepting performance overhead of 5-15% in I/O operations. Disable automatic image preview/thumbnail generation for .pic files in file browsers and DAM systems to reduce user interaction attack surface, noting this degrades user experience in asset review workflows. No temporary code-level workaround exists short of reverting to earlier versions, which would reintroduce other vulnerabilities.
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allVendor StatusVendor
SUSE
Severity: HighShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30392