Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-3598

Опубликовано: 21 окт. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

РелизСтатусПримечание
bionic

released

4.0.9-5ubuntu0.8
devel

not-affected

4.4.0-4ubuntu3.1
esm-infra-legacy/trusty

not-affected

4.0.3-7ubuntu0.11+esm5
esm-infra/bionic

not-affected

4.0.9-5ubuntu0.8
esm-infra/focal

not-affected

4.1.0+git191117-2ubuntu0.20.04.6
esm-infra/xenial

released

4.0.6-1ubuntu0.8+esm6
focal

released

4.1.0+git191117-2ubuntu0.20.04.6
jammy

released

4.3.0-6ubuntu0.2
kinetic

released

4.4.0-4ubuntu3.1
lunar

released

4.4.0-4ubuntu3.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 8%
0.00034
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-3598

CVSS3: 6.5
redhat
около 3 лет назад

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

nvd логотип

CVE-2022-3598

CVSS3: 5.5
nvd
больше 2 лет назад

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

msrc логотип

CVE-2022-3598

CVSS3: 6.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-3598

CVSS3: 5.5
debian
больше 2 лет назад

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifte ...

github логотип

GHSA-4cf4-hqwp-cpp8

CVSS3: 6.5
github
больше 2 лет назад

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

EPSS

Процентиль: 8%
0.00034
Низкий

5.5 Medium

CVSS3