Lucene search
Veracode Vulnerability DatabaseVERACODE:36850HistoryAug 30, 2022 - 8:10 a.m.
Denial Of Service (DoS)
2022-08-3008:10:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
denial of service
vulnerability
tiffcrop.c
software crash
crafted tiff file
0.001 Low
EPSS
Percentile
31.7%
libtiff.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a heap buffer overflow in extractImageSection in process_command_opts function of tiffcrop.c which allows an attacker to cause an application crash via a crafted tiff file.
References
github.com/advisories/GHSA-xcmj-v3mr-j4qc
gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json
gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3
gitlab.com/libtiff/libtiff/-/issues/414
security.netapp.com/advisory/ntap-20221014-0008/
www.debian.org/security/2023/dsa-5333
Related
redhatcve
redhatcve
CVE-2022-2953
2022-10-13 15:30:21
nvd
nvd
CVE-2022-2953
2022-08-29 15:15:10
osv
osv
CVE-2022-2953
2022-08-29 15:15:10
Moderate: libtiff security update
2023-01-23 14:29:57
Moderate: libtiff security update
2023-01-23 00:00:00
alpinelinux
alpinelinux
CVE-2022-2953
2022-08-29 15:15:10
cve
cve
CVE-2022-2953
2022-08-29 15:15:10
cvelist
cvelist
CVE-2022-2953
2022-08-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-2953 affecting package libtiff 4.4.0-2
2022-10-13 00:40:13
CVE-2022-2953 affecting package libtiff for versions less than 4.4.0-4
2022-10-05 23:33:43
prion
prion
Out-of-bounds
2022-08-29 15:15:00
cnvd
cnvd
LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72102)
2022-08-31 00:00:00
debiancve
debiancve
CVE-2022-2953
2022-08-29 15:15:10
nessus
nessus
CBL Mariner 2.0 Security Update: libtiff (CVE-2022-2953)
2023-03-28 00:00:00
EulerOS 2.0 SP8 : libtiff (EulerOS-SA-2022-2799)
2022-12-08 00:00:00
EulerOS 2.0 SP5 : compat-libtiff3 (EulerOS-SA-2023-1494)
2023-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2022-2953
2022-08-29 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0518
2022-09-19 00:00:00
Moderate Photon OS Security Update - PHSA-2022-3.0-0451
2022-09-15 00:00:00
Important Photon OS Security Update - PHSA-2022-0245
2022-09-15 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-2799)
2022-12-09 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-2735)
2022-11-14 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1226)
2023-01-12 00:00:00
amazon
amazon
Medium: libtiff
2023-08-17 11:58:00
oraclelinux
oraclelinux
libtiff security update
2023-01-24 00:00:00
libtiff security update
2023-01-12 00:00:00
rocky
rocky
libtiff security update
2023-01-23 14:29:57
libtiff security update
2023-01-12 08:25:25
almalinux
almalinux
Moderate: libtiff security update
2023-01-23 00:00:00
Moderate: libtiff security update
2023-01-12 00:00:00
redhat
redhat
(RHSA-2023:0302) Moderate: libtiff security update
2023-01-23 14:29:57
(RHSA-2023:0095) Moderate: libtiff security update
2023-01-12 08:25:25
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF
2023-05-02 20:42:17
Security Bulletin: IBM Cloud Pak for Network Automation v2.4.4 fixes multiple security vulnerabilities
2023-03-02 09:08:33
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-02-24 19:49:04
cloudfoundry
cloudfoundry
USN-5714-1: LibTIFF vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2022-11-08 00:00:00
debian
debian
[SECURITY] [DSA 5333-1] tiff security update
2023-01-29 12:55:02