CVE-2023-26965

Опубликовано: 14 июн. 2023

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS3: 5.5

Описание

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	4.5.1+git230720-1ubuntu1
esm-infra-legacy/trusty	released	4.0.3-7ubuntu0.11+esm8
esm-infra/bionic	released	4.0.9-5ubuntu0.10+esm1
esm-infra/focal	released	4.1.0+git191117-2ubuntu0.20.04.9
esm-infra/xenial	released	4.0.6-1ubuntu0.8+esm11
focal	released	4.1.0+git191117-2ubuntu0.20.04.9
jammy	released	4.3.0-6ubuntu0.5
kinetic	ignored	end of life, was needed
lunar	released	4.5.0-5ubuntu1.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 1%

0.00009

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-26965

CVSS3: 5.5

redhat

больше 2 лет назад

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

CVE-2023-26965

CVSS3: 5.5

nvd

больше 2 лет назад

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

CVE-2023-26965

CVSS3: 5.5

msrc

больше 2 лет назад

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

CVE-2023-26965

CVSS3: 5.5

debian

больше 2 лет назад

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-ba ...

GHSA-w5rm-7jx3-m7m4

CVSS3: 8.8

github

больше 2 лет назад

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

EPSS

Процентиль: 1%

0.00009

Низкий

5.5 Medium

CVSS3

CVE-2023-26965

Описание

Пакет tiff

Ссылки на источники

Связанные уязвимости