rpm package
suse/tiff&distro=SUSE Linux Enterprise Module for Basesystem 15 SP4
pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4
Vulnerabilities (49)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-1622 | — | < 4.0.9-150000.45.35.1 | 4.0.9-150000.45.35.1 | May 11, 2022 | LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa. | ||
| CVE-2022-1056 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 28, 2022 | Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd. | ||
| CVE-2022-0924 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 11, 2022 | Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. | ||
| CVE-2022-0909 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 11, 2022 | Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa. | ||
| CVE-2022-0908 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 11, 2022 | Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | ||
| CVE-2022-0891 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 9, 2022 | A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any ot | ||
| CVE-2022-0865 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Mar 7, 2022 | Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045. | ||
| CVE-2022-0562 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Feb 11, 2022 | Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 5615 | ||
| CVE-2022-0561 | — | < 4.0.9-150000.45.8.1 | 4.0.9-150000.45.8.1 | Feb 11, 2022 | Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commi |
- CVE-2022-1622May 11, 2022affected < 4.0.9-150000.45.35.1fixed 4.0.9-150000.45.35.1
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
- CVE-2022-1056Mar 28, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
- CVE-2022-0924Mar 11, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
- CVE-2022-0909Mar 11, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
- CVE-2022-0908Mar 11, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
- CVE-2022-0891Mar 9, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any ot
- CVE-2022-0865Mar 7, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.
- CVE-2022-0562Feb 11, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 5615
- CVE-2022-0561Feb 11, 2022affected < 4.0.9-150000.45.8.1fixed 4.0.9-150000.45.8.1
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commi
Page 3 of 3