Denial Of Service (DoS)

2022-04-2422:00:22

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

47.6%

JSON

tiff is vulnerable to denial of service. The vulnerability exists when a Null source pointer is passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c.

CPENameOperatorVersion
tiff:edgeeq4.2.0-r1
tiff:edgeeq4.1.0-r0
tiff:edgeeq4.2.0-r0
tiff:edgeeq4.3.0-r0
tiff:3.15eq4.3.0-r0
tiff:3.14eq4.2.0-r1
tiff:3.13eq4.2.0-r0
tiff:3.13eq4.1.0-r2
tiff:edgeeq4.2.0-r1
tiff:edgeeq4.1.0-r0

Name	Operator	Version
tiff:edge	eq	4.2.0-r1
tiff:edge	eq	4.1.0-r0
tiff:edge	eq	4.2.0-r0
tiff:edge	eq	4.3.0-r0
tiff:3.15	eq	4.3.0-r0
tiff:3.14	eq	4.2.0-r1
tiff:3.13	eq	4.2.0-r0
tiff:3.13	eq	4.1.0-r2
tiff:edge	eq	4.2.0-r1
tiff:edge	eq	4.1.0-r0