Описание
disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| golang-github-disintegration-imaging | fixed | 1.6.2-3 | package | |
| golang-github-disintegration-imaging | no-dsa | bookworm | package | |
| golang-github-disintegration-imaging | no-dsa | bullseye | package | |
| golang-github-disintegration-imaging | postponed | buster | package |
Примечания
https://github.com/disintegration/imaging/issues/165
EPSS
Связанные уязвимости
disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
disintegration Imaging 1.6.2 allows attackers to cause a panic (because of an integer index out of range during a Grayscale call) via a crafted TIFF file to the scan function of scanner.go. NOTE: it is unclear whether there are common use cases in which this panic could have any security consequence
EPSS