Описание
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tiff | fixed | 4.5.1~rc3-1 | package | |
| tiff | fixed | 4.5.0-6+deb12u2 | bookworm | package |
Примечания
https://gitlab.com/libtiff/libtiff/-/merge_requests/472
https://gitlab.com/libtiff/libtiff/-/commit/ec8ef90c1f573c9eb1f17d6a056aa0015f184acf (v4.5.1rc1)
EPSS
Процентиль: 1%
0.00009
Низкий
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 2 лет назад
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVSS3: 5.5
redhat
больше 2 лет назад
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVSS3: 5.5
nvd
больше 2 лет назад
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVSS3: 8.8
github
больше 2 лет назад
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
EPSS
Процентиль: 1%
0.00009
Низкий