Lucene search
HistoryJan 23, 2023 - 3:15 a.m.
CVE-2022-48281
cve-2022-48281
libtiff
buffer overflow
heap-based
tiffcrop
nvd
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.4%
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., “WRITE of size 307203”) via a crafted TIFF image.
Affected configurations
Node
libtifflibtiffRange≤4.5.0
Node
debiandebian_linuxMatch10.0
ORdebiandebian_linuxMatch11.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| libtiff:libtiff | libtiff | le | 4.5.0 |
References
Related
redhatcve
redhatcve
CVE-2022-48281
2023-01-24 04:36:30
oraclelinux
oraclelinux
libtiff security update
2023-06-29 00:00:00
libtiff security update
2023-06-21 00:00:00
nessus
nessus
Rocky Linux 8 : libtiff (RLSA-2023:3827)
2023-08-31 00:00:00
RHEL 8 : libtiff (RHSA-2023:3827)
2023-06-27 00:00:00
SUSE SLES12 Security Update : tiff (SUSE-SU-2023:0199-1)
2023-01-28 00:00:00
debiancve
debiancve
CVE-2022-48281
2023-01-23 03:15:09
nvd
nvd
CVE-2022-48281
2023-01-23 03:15:09
rocky
rocky
libtiff security update
2023-08-31 16:54:34
libtiff security update
2023-08-31 16:55:40
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0342-1)
2023-02-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0199-1)
2023-01-30 00:00:00
Mageia: Security Advisory (MGASA-2023-0038)
2023-03-28 00:00:00
debian
debian
[SECURITY] [DLA 3297-1] tiff security update
2023-01-30 21:44:57
[SECURITY] [DSA 5333-1] tiff security update
2023-01-29 12:55:02
cbl_mariner
cbl_mariner
CVE-2022-48281 affecting package libtiff for versions less than 4.4.0-7
2023-02-24 01:54:12
CVE-2022-48281 affecting package libtiff 4.4.0-6
2023-02-14 02:35:58
cvelist
cvelist
CVE-2022-48281
2023-01-23 00:00:00
ibm
ibm
osv
osv
tiff - security update
2023-01-31 00:00:00
Moderate: libtiff security update
2023-08-31 16:54:34
Moderate: libtiff security update
2023-06-27 00:00:00
ubuntucve
ubuntucve
CVE-2022-48281
2023-01-23 00:00:00
prion
prion
Heap overflow
2023-01-23 03:15:00
redos
redos
ROS-20230124-03
2023-01-24 00:00:00
alpinelinux
alpinelinux
CVE-2022-48281
2023-01-23 03:15:09
veracode
veracode
Heap-Based Buffer Overflow
2023-01-27 04:17:16
mageia
mageia
Updated libtiff packages fix security vulnerability
2023-02-07 03:06:39
redhat
redhat
almalinux
almalinux
Moderate: libtiff security update
2023-06-27 00:00:00
Moderate: libtiff security update
2023-06-21 00:00:00
cnvd
cnvd
LibTIFF Buffer Overflow Vulnerability (CNVD-2023-29695)
2023-02-03 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-4.0-0328
2023-02-07 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0528
2023-02-08 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0018
2023-06-06 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2023-02-02 00:00:00
LibTIFF vulnerabilities
2023-08-15 00:00:00
gentoo
gentoo
LibTIFF: Multiple Vulnerabilities
2023-05-30 00:00:00
hp
hp
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.4%
Related for CVE-2022-48281