CVE-2022-40090

Опубликовано: 22 авг. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

Ссылки

https://gitlab.com/libtiff/libtiff/-/issues/455
Exploit
Issue Tracking
https://gitlab.com/libtiff/libtiff/-/merge_requests/386
Issue Tracking
Patch
https://gitlab.com/libtiff/libtiff/-/issues/455
Exploit
Issue Tracking
https://gitlab.com/libtiff/libtiff/-/merge_requests/386
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Версия до 4.4.0 (исключая)

EPSS

Процентиль: 1%

0.00012

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-835

Связанные уязвимости

CVE-2022-40090

CVSS3: 6.5

ubuntu

почти 2 года назад

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

CVE-2022-40090

CVSS3: 6.5

redhat

почти 3 года назад

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

CVE-2022-40090

CVSS3: 6.5

debian

почти 2 года назад

An issue was discovered in function TIFFReadDirectory libtiff before 4 ...

GHSA-279f-f7v7-h5h8

CVSS3: 6.5

github

почти 2 года назад

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

BDU:2023-05285

CVSS3: 6.5

fstec

почти 2 года назад

Уязвимость функции TIFFReadDirectory библиотеки LibTIFF, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 1%

0.00012

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-835