Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-5523-1
HistoryJul 19, 2022 - 11:05 a.m.

tiff vulnerabilities

2022-07-1911:05:26
Google
osv.dev
2

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

JSON

It was discovered that LibTIFF was not properly performing checks to
guarantee that allocated memory space existed, which could lead to a
NULL pointer dereference via a specially crafted file. An attacker
could possibly use this issue to cause a denial of service.
(CVE-2022-0907, CVE-2022-0908)

It was discovered that LibTIFF was not properly performing checks to
avoid division calculations where the denominator value was zero,
which could lead to an undefined behavior situation via a specially
crafted file. An attacker could possibly use this issue to cause a
denial of service. (CVE-2022-0909)

It was discovered that LibTIFF was not properly performing bounds
checks, which could lead to an out-of-bounds read via a specially
crafted file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information. (CVE-2022-0924)

It was discovered that LibTIFF was not properly performing the
calculation of data that would eventually be used as a reference for
bounds checking operations, which could lead to an out-of-bounds
read via a specially crafted file. An attacker could possibly use
this issue to cause a denial of service or to expose sensitive
information. (CVE-2020-19131)

It was discovered that LibTIFF was not properly terminating a
function execution when processing incorrect data, which could lead
to an out-of-bounds read via a specially crafted file. An attacker
could possibly use this issue to cause a denial of service or to
expose sensitive information. (CVE-2020-19144)

It was discovered that LibTIFF was not properly performing checks
when setting the value for data later used as reference during memory
access, which could lead to an out-of-bounds read via a specially
crafted file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information.
(CVE-2022-22844)

Related

ubuntu 3
openvas 35
nessus 49
cloudfoundry 2
osv 16
photon 4
debian 2
fedora 3
archlinux 1
mageia 3
amazon 2
oraclelinux 3
almalinux 3
redhat 3
ibm 6
rocky 2
prion 7
cve 5
cnvd 1
redhatcve 7
debiancve 6
nvd 6
ubuntucve 6
cvelist 7
gentoo 1
veracode 6
suse 1
alpinelinux 3
cbl_mariner 6
ubuntu
ubuntu
LibTIFF vulnerabilities
2022-07-19 00:00:00
LibTIFF vulnerabilities
2022-09-12 00:00:00
LibTIFF vulnerabilities
2022-09-20 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5523-2)
2022-09-16 00:00:00
Ubuntu: Security Advisory (USN-5523-1)
2022-08-26 00:00:00
Fedora: Security Advisory for libtiff (FEDORA-2022-c39720a0ed)
2022-04-03 00:00:00
nessus
nessus
Ubuntu 16.04 ESM : LibTIFF vulnerabilities (USN-5523-1)
2022-07-19 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : LibTIFF vulnerabilities (USN-5523-2)
2022-09-12 00:00:00
Debian DLA-2777-1 : tiff - LTS security update
2021-10-03 00:00:00
cloudfoundry
cloudfoundry
USN-5523-2: LibTIFF vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
USN-5619-1: LibTIFF vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
osv
osv
tiff vulnerabilities
2022-09-12 07:49:59
tiff - security update
2022-03-24 00:00:00
tiff - security update
2021-10-03 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0400
2022-06-04 00:00:00
Critical Photon OS Security Update - PHSA-2022-0185
2022-05-18 00:00:00
Moderate Photon OS Security Update - PHSA-2022-3.0-0400
2022-06-04 00:00:00
debian
debian
[SECURITY] [DLA 2777-1] tiff security update
2021-10-09 18:02:06
[SECURITY] [DSA 5108-1] tiff security update
2022-03-24 18:55:21
fedora
fedora
[SECURITY] Fedora 35 Update: libtiff-4.3.0-6.fc35
2022-03-31 01:15:26
[SECURITY] Fedora 36 Update: libtiff-4.3.0-6.fc36
2022-04-03 00:15:59
[SECURITY] Fedora 35 Update: libtiff-4.3.0-3.fc35
2022-01-31 01:15:11
archlinux
archlinux
[ASA-202204-6] libtiff: multiple issues
2022-04-05 00:00:00
mageia
mageia
Updated libtiff packages fix security vulnerability
2022-03-28 19:23:37
Updated libtiff packages fix security vulnerability
2022-02-03 00:29:30
Updated libtiff packages fix security vulnerability
2022-04-03 01:22:09
amazon
amazon
Medium: libtiff
2022-04-25 22:56:00
Medium: libtiff
2022-07-28 20:38:00
oraclelinux
oraclelinux
libtiff security update
2022-11-15 00:00:00
libtiff security update
2022-11-22 00:00:00
libtiff security update
2022-05-17 00:00:00
almalinux
almalinux
Moderate: libtiff security update
2022-11-08 00:00:00
Moderate: libtiff security update
2022-11-15 00:00:00
Moderate: libtiff security update
2022-05-10 08:02:19
redhat
redhat
(RHSA-2022:7585) Moderate: libtiff security update
2022-11-08 06:23:40
(RHSA-2022:8194) Moderate: libtiff security update
2022-11-15 06:18:19
(RHSA-2022:1810) Moderate: libtiff security update
2022-05-10 08:02:19
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF
2023-01-30 16:29:59
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in LibTIFF
2022-06-29 02:18:53
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-22844
2022-12-01 17:34:44
rocky
rocky
libtiff security update
2022-11-08 06:23:40
libtiff security update
2022-05-10 08:02:19
prion
prion
Buffer overflow
2021-09-09 15:15:00
Buffer overflow
2021-09-07 15:15:00
Out-of-bounds
2022-01-10 14:12:00
cve
cve
CVE-2020-19144
2021-09-09 15:15:08
CVE-2020-19131
2021-09-07 15:15:07
CVE-2022-22844
2022-01-10 14:12:58
cnvd
cnvd
libtiff buffer overflow vulnerability (CNVD-2021-93892)
2021-09-10 00:00:00
redhatcve
redhatcve
CVE-2020-19144
2021-09-13 18:54:01
CVE-2020-19131
2021-09-14 12:09:54
CVE-2022-22844
2022-01-19 19:52:40
debiancve
debiancve
CVE-2020-19144
2021-09-09 15:15:08
CVE-2020-19131
2021-09-07 15:15:07
CVE-2022-22844
2022-01-10 14:12:58
nvd
nvd
CVE-2020-19144
2021-09-09 15:15:08
CVE-2020-19131
2021-09-07 15:15:07
CVE-2022-22844
2022-01-10 14:12:58
ubuntucve
ubuntucve
CVE-2020-19144
2021-09-09 00:00:00
CVE-2020-19131
2021-09-07 00:00:00
CVE-2022-22844
2022-01-10 00:00:00
cvelist
cvelist
CVE-2020-19144
2021-09-09 14:25:45
CVE-2020-19131
2021-09-07 14:06:26
CVE-2022-22844
2022-01-08 00:00:00
gentoo
gentoo
LibTIFF: Multiple Vulnerabilities
2022-10-31 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-06-02 23:41:18
Out-of-Bounds Read
2022-01-11 11:09:58
NULL Pointer Dereference
2022-03-15 06:07:03
suse
suse
Security update for tiff (important)
2022-05-30 00:00:00
alpinelinux
alpinelinux
CVE-2022-22844
2022-01-10 14:12:58
CVE-2022-0908
2022-03-11 18:15:27
CVE-2022-0907
2022-03-11 18:15:26
cbl_mariner
cbl_mariner
CVE-2022-22844 affecting package libtiff for versions less than 4.3.0-2
2022-04-26 20:17:07
CVE-2022-0907 affecting package libtiff for versions less than 4.3.0-2
2022-04-26 20:17:07
CVE-2022-0908 affecting package libtiff for versions less than 4.3.0-2
2022-04-26 20:17:07

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

JSON
Related for OSV:USN-5523-1
ubuntu3openvas35nessus49cloudfoundry2osv16photon4debian2fedora3archlinux1mageia3amazon2oraclelinux3almalinux3redhat3ibm6rocky2prion7cve5cnvd1redhatcve7debiancve6nvd6ubuntucve6cvelist7gentoo1veracode6suse1alpinelinux3cbl_mariner6