LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.

References

gitlab.com/libtiff/libtiff/-/issues/355

gitlab.com/libtiff/libtiff/-/merge_requests/287

lists.debian.org/debian-lts-announce/2022/03/msg00001.html

security.gentoo.org/glsa/202210-10

security.netapp.com/advisory/ntap-20220311-0002/

www.debian.org/security/2022/dsa-5108

cbl_mariner 1

openvas 24

ibm 3

alpinelinux 1

cve 1

debiancve 1

veracode 1

fedora 1

ubuntucve 1

redhatcve 1

mageia 1

osv 8

prion 1

nvd 1

nessus 39

debian 2

ubuntu 2

cloudfoundry 1

photon 4

suse 1

archlinux 1

rocky 1

redhat 8

oraclelinux 2

almalinux 2

amazon 2

gentoo 1

cbl_mariner

CVE-2022-22844 affecting package libtiff for versions less than 4.3.0-2

2022-04-26 20:17:07

openvas

Fedora: Security Advisory for libtiff (FEDORA-2022-a403286212)

2022-01-31 00:00:00

Mageia: Security Advisory (MGASA-2022-0046)

2022-02-09 00:00:00

Huawei EulerOS: Security Advisory for compat-libtiff3 (EulerOS-SA-2022-1526)

2022-04-25 00:00:00

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-22844

2022-12-01 17:34:44

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF

2023-01-30 16:11:58

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

2023-02-02 03:37:14

alpinelinux

CVE-2022-22844

2022-01-10 14:12:58

cve

CVE-2022-22844

2022-01-10 14:12:58

debiancve

CVE-2022-22844

2022-01-10 14:12:58

veracode

Out-of-Bounds Read

2022-01-11 11:09:58

fedora

[SECURITY] Fedora 35 Update: libtiff-4.3.0-3.fc35

2022-01-31 01:15:11

ubuntucve

CVE-2022-22844

2022-01-10 00:00:00

redhatcve

CVE-2022-22844

2022-01-19 19:52:40

mageia

Updated libtiff packages fix security vulnerability

2022-02-03 00:29:30

osv

CVE-2022-22844

2022-01-10 14:12:58

tiff - security update

2022-03-06 00:00:00

tiff vulnerabilities

2022-09-12 07:49:59

prion

Out-of-bounds

2022-01-10 14:12:00

nvd

CVE-2022-22844

2022-01-10 14:12:58

nessus

EulerOS 2.0 SP5 : compat-libtiff3 (EulerOS-SA-2022-1526)

2022-04-25 00:00:00

Debian DLA-2932-1 : tiff - LTS security update

2022-03-07 00:00:00

EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2022-1540)

2022-04-25 00:00:00

debian

[SECURITY] [DLA 2932-1] tiff security update

2022-03-06 17:18:56

[SECURITY] [DSA 5108-1] tiff security update

2022-03-24 18:55:21

ubuntu

LibTIFF vulnerabilities

2022-09-12 00:00:00

LibTIFF vulnerabilities

2022-07-19 00:00:00

cloudfoundry

USN-5523-2: LibTIFF vulnerabilities | Cloud Foundry

2022-09-29 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2022-0400

2022-06-04 00:00:00

Critical Photon OS Security Update - PHSA-2022-0185

2022-05-18 00:00:00

Moderate Photon OS Security Update - PHSA-2022-3.0-0400

2022-06-04 00:00:00

suse

Security update for tiff (important)

2022-02-17 00:00:00

archlinux

[ASA-202204-6] libtiff: multiple issues

2022-04-05 00:00:00

rocky

libtiff security update

2022-11-08 06:23:40

redhat

(RHSA-2022:8194) Moderate: libtiff security update

2022-11-15 06:18:19

(RHSA-2022:7585) Moderate: libtiff security update

2022-11-08 06:23:40

(RHSA-2023:0470) Important: Migration Toolkit for Runtimes security update

2023-01-26 11:33:15

oraclelinux

libtiff security update

2022-11-22 00:00:00

libtiff security update

2022-11-15 00:00:00

almalinux

Moderate: libtiff security update

2022-11-08 00:00:00

Moderate: libtiff security update

2022-11-15 00:00:00

amazon

Medium: libtiff

2022-04-25 22:56:00

Medium: libtiff

2022-07-28 20:38:00

gentoo

LibTIFF: Multiple Vulnerabilities

2022-10-31 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.1%

JSON

Related for CVELIST:CVE-2022-22844