CVE-2022-41727

Опубликовано: 28 фев. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.5

Описание

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	0.5.0-1
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	not-affected	0.5.0-1
focal	ignored	end of standard support, was needs-triage
jammy	needs-triage
kinetic	ignored	end of life, was needs-triage
lunar	ignored	end of life, was needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2022-41727

EPSS

Процентиль: 8%

0.00032

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-41727

CVSS3: 5.5

redhat

почти 3 года назад

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.

CVE-2022-41727

CVSS3: 5.5

nvd

почти 3 года назад

An attacker can craft a malformed TIFF image which will consume a significant amount of memory when passed to DecodeConfig. This could lead to a denial of service.

CVE-2022-41727

CVSS3: 5.5

debian

почти 3 года назад

An attacker can craft a malformed TIFF image which will consume a sign ...

GHSA-qgc7-mgm3-q253

CVSS3: 5.5

github

почти 3 года назад

Uncontrolled Resource Consumption in golang.org/x/image

BDU:2023-07980

CVSS3: 5.5

fstec

почти 3 года назад

Уязвимость компонента DecodeConfig языка программирования Golang, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 8%

0.00032

Низкий

5.5 Medium

CVSS3

CVE-2022-41727

Описание

Пакет golang-golang-x-image

Ссылки на источники

Связанные уязвимости