CVE-2020-35522

Опубликовано: 14 дек. 2020

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libtiff	Out of support scope
Red Hat Enterprise Linux 7	compat-libtiff3	Will not fix
Red Hat Enterprise Linux 7	libtiff	Fix deferred
Red Hat Enterprise Linux 8	compat-libtiff3	Will not fix
Red Hat Enterprise Linux 8	mingw-libtiff	Will not fix
Red Hat Enterprise Linux 9	libtiff	Not affected
Red Hat Enterprise Linux 8	libtiff	Fixed	RHSA-2021:4241	09.11.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-119

https://bugzilla.redhat.com/show_bug.cgi?id=1932037libtiff: Memory allocation failure in tiff2rgba

EPSS

Процентиль: 13%

0.00044

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2020-35522

CVSS3: 5.5

ubuntu

почти 5 лет назад

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

CVE-2020-35522

CVSS3: 5.5

nvd

почти 5 лет назад

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

CVE-2020-35522

CVSS3: 5.5

msrc

почти 5 лет назад

In LibTIFF there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

CVE-2020-35522

CVSS3: 5.5

debian

почти 5 лет назад

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A craf ...

GHSA-5hqr-x5p5-7g25

CVSS3: 5.5

github

больше 3 лет назад

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

EPSS

Процентиль: 13%

0.00044

Низкий

5.5 Medium

CVSS3