Your submission was sent successfully! Close

CVE-2022-0865

Published: 10 March 2022

Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
bionic
Released (4.0.9-5ubuntu0.5)
focal
Released (4.1.0+git191117-2ubuntu0.20.04.3)
impish
Released (4.3.0-1ubuntu0.1)
jammy Not vulnerable
(4.3.0-5)
trusty Not vulnerable
(code not present)
upstream
Released (4.3.0-5)
xenial Not vulnerable
(code not present)