Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3827

Опубликовано: 31 авг. 2023
Источник: rocky
Оценка: Moderate

Описание

Moderate: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

  • libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c (CVE-2022-48281)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
libtiffx86_6428.el8_8libtiff-4.0.9-28.el8_8.x86_64.rpm
libtiff-develx86_6428.el8_8libtiff-devel-4.0.9-28.el8_8.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-48281

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2022-48281

CVSS3: 5.5
ubuntu
больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

redhat логотип

CVE-2022-48281

CVSS3: 5.5
redhat
больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

nvd логотип

CVE-2022-48281

CVSS3: 5.5
nvd
больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

msrc логотип

CVE-2022-48281

CVSS3: 5.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-48281

CVSS3: 5.5
debian
больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has ...