CVE-2022-22844

Опубликовано: 10 янв. 2022

Источник: debian

EPSS Низкий

Описание

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.3.0-3		package

Примечания

https://gitlab.com/libtiff/libtiff/-/issues/355
https://gitlab.com/libtiff/libtiff/-/merge_requests/287
Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64

EPSS

Процентиль: 26%

0.00085

Низкий

Связанные уязвимости

CVE-2022-22844

CVSS3: 5.5

ubuntu

больше 3 лет назад

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

CVE-2022-22844

CVSS3: 5.5

redhat

больше 3 лет назад

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

CVE-2022-22844

CVSS3: 5.5

nvd

больше 3 лет назад

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

CVE-2022-22844

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

GHSA-3r35-352r-wrcc

CVSS3: 5.5

github

больше 3 лет назад

LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

EPSS

Процентиль: 26%

0.00085

Низкий