CVE-2022-48281

Опубликовано: 23 янв. 2023

Источник: debian

EPSS Низкий

Описание

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.5.0-4		package

Примечания

https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5
https://gitlab.com/libtiff/libtiff/-/issues/488

EPSS

Процентиль: 1%

0.00009

Низкий

Связанные уязвимости

CVE-2022-48281

CVSS3: 5.5

ubuntu

около 3 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

redhat

около 3 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

nvd

около 3 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

msrc

около 3 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g. "WRITE of size 307203") via a crafted TIFF image.

SUSE-SU-2023:0342-1

suse-cvrf

почти 3 года назад

Security update for tiff

EPSS

Процентиль: 1%

0.00009

Низкий