CVE-2022-0908

Опубликовано: 11 мар. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 7.7

Описание

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

Релиз	Статус	Примечание
bionic	released	4.0.9-5ubuntu0.6
devel	not-affected	4.4.0~rc1-1
esm-infra-legacy/trusty	not-affected	4.0.3-7ubuntu0.11+esm2
esm-infra/bionic	not-affected	4.0.9-5ubuntu0.6
esm-infra/focal	not-affected	4.1.0+git191117-2ubuntu0.20.04.4
esm-infra/xenial	released	4.0.6-1ubuntu0.8+esm2
focal	released	4.1.0+git191117-2ubuntu0.20.04.4
impish	ignored	end of life
jammy	not-affected	4.3.0-6
kinetic	not-affected	4.4.0~rc1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 16%

0.0005

Низкий

4.3 Medium

CVSS2

7.7 High

CVSS3

Связанные уязвимости

CVE-2022-0908

CVSS3: 5.5

redhat

больше 3 лет назад

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

CVE-2022-0908

CVSS3: 7.7

nvd

больше 3 лет назад

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

CVE-2022-0908

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

CVE-2022-0908

CVSS3: 7.7

debian

больше 3 лет назад

Null source pointer passed as an argument to memcpy() function within ...

GHSA-gqxh-jf4f-xfjr

CVSS3: 5.5

github

больше 3 лет назад

Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.

EPSS

Процентиль: 16%

0.0005

Низкий

4.3 Medium

CVSS2

7.7 High

CVSS3

CVE-2022-0908

Описание

Пакет tiff

Ссылки на источники

Связанные уязвимости