Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-0891

Опубликовано: 10 мар. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.8
CVSS3: 6.1

Описание

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

РелизСтатусПримечание
bionic

released

4.0.9-5ubuntu0.5
devel

not-affected

4.4.0~rc1-1
esm-infra-legacy/trusty

released

4.0.3-7ubuntu0.11+esm1
esm-infra/bionic

released

4.0.9-5ubuntu0.5
esm-infra/focal

released

4.1.0+git191117-2ubuntu0.20.04.3
esm-infra/xenial

released

4.0.6-1ubuntu0.8+esm1
focal

released

4.1.0+git191117-2ubuntu0.20.04.3
impish

released

4.3.0-1ubuntu0.1
jammy

not-affected

4.3.0-6
trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 8%
0.00029
Низкий

5.8 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-0891

CVSS3: 6.1
redhat
почти 4 года назад

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

nvd логотип

CVE-2022-0891

CVSS3: 6.1
nvd
почти 4 года назад

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

msrc логотип

CVE-2022-0891

CVSS3: 7.1
msrc
почти 4 года назад

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash potential information disclosure or any other context-dependent impact

debian логотип

CVE-2022-0891

CVSS3: 6.1
debian
почти 4 года назад

A heap buffer overflow in ExtractImageSection function in tiffcrop.c i ...

github логотип

GHSA-ppwc-w499-gfmh

CVSS3: 7.1
github
почти 4 года назад

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

EPSS

Процентиль: 8%
0.00029
Низкий

5.8 Medium

CVSS2

6.1 Medium

CVSS3