CVE-2023-3618

Опубликовано: 12 июл. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.

Ссылки

https://access.redhat.com/security/cve/CVE-2023-3618
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2215865
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230824-0012/
https://support.apple.com/kb/HT214036
https://support.apple.com/kb/HT214037
https://support.apple.com/kb/HT214038
https://access.redhat.com/security/cve/CVE-2023-3618
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2215865
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230824-0012/
https://support.apple.com/kb/HT214036
https://support.apple.com/kb/HT214037
https://support.apple.com/kb/HT214038

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Версия до 4.5.1 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00183

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-120

Связанные уязвимости

CVE-2023-3618

CVSS3: 6.5

ubuntu

около 2 лет назад

CVE-2023-3618

CVSS3: 6.5

redhat

больше 2 лет назад

CVE-2023-3618

CVSS3: 6.5

debian

около 2 лет назад

A flaw was found in libtiff. A specially crafted tiff file can lead to ...

ROS-20230908-06

CVSS3: 6.5

redos

почти 2 года назад

Уязвимость Libtiff

GHSA-jgp5-27vm-42q7

CVSS3: 7.5

github

около 2 лет назад

EPSS

Процентиль: 41%

0.00183

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-120