CVE-2022-34526

Опубликовано: 30 июл. 2022

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.

A stack overflow flaw was found in the _TIFFVGetField function of Tiffsplit. This vulnerability allows attackers to cause a denial of service (DoS) via a crafted TIFF file.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	libtiff	Not affected
Red Hat Enterprise Linux 7	compat-libtiff3	Not affected
Red Hat Enterprise Linux 7	libtiff	Not affected
Red Hat Enterprise Linux 8	compat-libtiff3	Not affected
Red Hat Enterprise Linux 8	libtiff	Not affected
Red Hat Enterprise Linux 9	libtiff	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=2112756libtiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit

EPSS

Процентиль: 41%

0.00193

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-34526

CVSS3: 6.5

ubuntu

больше 3 лет назад

CVE-2022-34526

CVSS3: 6.5

nvd

больше 3 лет назад

CVE-2022-34526

CVSS3: 6.5

msrc

больше 3 лет назад

CVE-2022-34526

CVSS3: 6.5

debian

больше 3 лет назад

A stack overflow was discovered in the _TIFFVGetField function of Tiff ...

GHSA-3fv6-vw38-4m6q

CVSS3: 6.5

github

больше 3 лет назад

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.

EPSS

Процентиль: 41%

0.00193

Низкий

6.5 Medium

CVSS3