GHSA-4qr3-39h9-qwp4

Опубликовано: 23 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

Ссылки

EPSS

Процентиль: 1%

0.00008

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-48281

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-48281

CVSS3: 5.5

ubuntu

почти 3 года назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

redhat

почти 3 года назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

nvd

почти 3 года назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

msrc

почти 3 года назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g. "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

debian

почти 3 года назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has ...

EPSS

Процентиль: 1%

0.00008

Низкий

8.8 High

CVSS3

CVE ID

CVE-2022-48281

Дефекты

CWE-787