exploitDog

GHSA-6gg3-fc4h-rcrg

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.

Ссылки

EPSS

Процентиль: 68%

0.00562

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-787

Связанные уязвимости

CVE-2018-3981

CVSS3: 7.8

nvd

больше 7 лет назад

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.

EPSS

Процентиль: 68%

0.00562

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-787