Lucene search
Veracode Vulnerability DatabaseVERACODE:37670HistoryOct 24, 2022 - 6:05 a.m.
Denial Of Service (DoS)
2022-10-2406:05:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
libtiff vulnerability
denial of service
out-of-bounds write
extractimagesection function
tiff file crafted
0.006 Low
EPSS
Percentile
78.7%
libtiff.so is vulnerable to denial of service. The vulnerability is due to an out-of-bounds write using _TIFFmemcpy in the extractImageSection function in tiffcrop.c which allows an attacker to cause an application crash via a crafted tiff file.
References
github.com/advisories/GHSA-g8h6-gmhw-mc7m
gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json
gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
gitlab.com/libtiff/libtiff/-/issues/411
lists.debian.org/debian-lts-announce/2023/01/msg00018.html
security.netapp.com/advisory/ntap-20230110-0001/
www.debian.org/security/2023/dsa-5333
Related
cbl_mariner
cbl_mariner
CVE-2022-3627 affecting package libtiff 4.4.0-4
2022-11-24 00:45:37
CVE-2022-3627 affecting package libtiff for versions less than 4.4.0-6
2022-11-30 04:44:03
cve
cve
CVE-2022-3627
2022-10-21 16:15:11
osv
osv
CVE-2022-3627
2022-10-21 16:15:11
Moderate: libtiff security update
2023-05-16 00:00:00
Moderate: libtiff security update
2023-05-09 00:00:00
nvd
nvd
CVE-2022-3627
2022-10-21 16:15:11
prion
prion
Out-of-bounds
2022-10-21 16:15:00
ubuntucve
ubuntucve
CVE-2022-3627
2022-10-21 00:00:00
redhatcve
redhatcve
CVE-2022-3627
2022-11-28 10:26:11
alpinelinux
alpinelinux
CVE-2022-3627
2022-10-21 16:15:11
cvelist
cvelist
CVE-2022-3627
2022-10-21 00:00:00
cnvd
cnvd
LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72091)
2022-10-25 00:00:00
debiancve
debiancve
CVE-2022-3627
2022-10-21 16:15:11
amazon
amazon
Medium: libtiff
2023-08-17 11:58:00
Medium: libtiff
2023-08-17 11:58:00
almalinux
almalinux
Moderate: libtiff security update
2023-05-16 00:00:00
Moderate: libtiff security update
2023-05-09 00:00:00
nessus
nessus
CentOS 8 : libtiff (CESA-2023:2883)
2023-05-17 00:00:00
RHEL 8 : libtiff (RHSA-2023:2883)
2023-05-16 00:00:00
ibm
ibm
oraclelinux
oraclelinux
libtiff security update
2023-05-24 00:00:00
libtiff security update
2023-05-15 00:00:00
redhat
redhat
(RHSA-2023:2883) Moderate: libtiff security update
2023-05-16 05:57:15
(RHSA-2023:3813) Moderate: Migration Toolkit for Runtimes security update
2023-06-27 10:52:18
(RHSA-2023:2340) Moderate: libtiff security update
2023-05-09 05:07:52
mageia
mageia
Updated libtiff packages fix security vulnerability
2022-11-13 05:25:20
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0424)
2022-11-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4248-1)
2022-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4259-1)
2022-11-29 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-0516
2023-01-14 00:00:00
Moderate Photon OS Security Update - PHSA-2023-0307
2023-01-04 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0516
2023-01-14 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.4.0-alt2
2022-12-27 00:00:00
cloudfoundry
cloudfoundry
USN-5714-1: LibTIFF vulnerabilities | Cloud Foundry
2022-12-07 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2022-11-08 00:00:00
debian
debian
[SECURITY] [DLA 3278-1] tiff security update
2023-01-20 22:37:38
[SECURITY] [DSA 5333-1] tiff security update
2023-01-29 12:55:02