GHSA-x8g3-wjf9-c729

Опубликовано: 01 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.

Ссылки

EPSS

Процентиль: 10%

0.00037

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-2520

Дефекты

CWE-131

CWE-617

Связанные уязвимости

CVE-2022-2520

CVSS3: 6.5

ubuntu

почти 3 года назад

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.

CVE-2022-2520

CVSS3: 6.5

redhat

около 3 лет назад

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.

CVE-2022-2520

CVSS3: 6.5

nvd

почти 3 года назад

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input.

CVE-2022-2520

CVSS3: 6.5

debian

почти 3 года назад

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion f ...

BDU:2023-05419

CVSS3: 6.5

fstec

почти 3 года назад

Уязвимость функции rotateimage() библиотеки libtiff, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 10%

0.00037

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-2520

Дефекты

CWE-131

CWE-617