CVE-2023-3316

Опубликовано: 19 июн. 2023

Источник: debian

EPSS Низкий

Описание

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.5.0-5		package

Примечания

https://gitlab.com/libtiff/libtiff/-/issues/515
https://gitlab.com/libtiff/libtiff/-/merge_requests/468
https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536 (v4.5.1rc1)

EPSS

Процентиль: 4%

0.0002

Низкий

Связанные уязвимости

CVE-2023-3316

CVSS3: 5.9

ubuntu

около 2 лет назад

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

CVE-2023-3316

CVSS3: 5.5

redhat

около 2 лет назад

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

CVE-2023-3316

CVSS3: 5.9

nvd

около 2 лет назад

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

CVE-2023-3316

CVSS3: 6.5

msrc

почти 2 года назад

Описание отсутствует

GHSA-7mcc-hw35-pqwf

CVSS3: 5.9

github

около 2 лет назад

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

EPSS

Процентиль: 4%

0.0002

Низкий