Lucene search

[email protected]CVE-2022-1210

HistoryApr 03, 2022 - 9:15 a.m.

CVE-2022-1210

2022-04-0309:15:09

CWE-400

CWE-404

[email protected]

web.nvd.nist.gov

cve-2022-1210

libtiff

tiff file handler

tiff2ps

denial of service

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.

Affected configurations

Vulners

NVD

Node

libtifflibtiffMatch4.3.0

VendorProductVersionCPE
libtifflibtiff4.3.0cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
libtiff	libtiff	4.3.0	cpe:2.3:a:libtiff:libtiff:4.3.0:::::::*

CNA Affected

[
  {
    "vendor": "unspecified",
    "product": "LibTIFF",
    "versions": [
      {
        "version": "4.3.0",
        "status": "affected"
      }
    ]
  }
]