CVE-2022-34526

A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libtiff:libtiff:4.4.0:*:*:*:*:*:*:*

History

06 Aug 2022, 04:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ/ -

04 Aug 2022, 17:47

Type Values Removed Values Added
References (MISC) https://gitlab.com/libtiff/libtiff/-/issues/433 - (MISC) https://gitlab.com/libtiff/libtiff/-/issues/433 - Exploit, Issue Tracking, Patch, Third Party Advisory
CPE cpe:2.3:a:libtiff:libtiff:4.4.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
First Time Libtiff
Libtiff libtiff
CWE CWE-787

29 Jul 2022, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-07-29 23:15

Updated : 2022-08-06 04:15


NVD link : CVE-2022-34526

Mitre link : CVE-2022-34526


JSON object : View

Products Affected

libtiff

  • libtiff
CWE
CWE-787

Out-of-bounds Write