Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:conan/libtiff@4.4.0
Typeconan
Namespace
Namelibtiff
Version4.4.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.7.0
Latest_non_vulnerable_version4.7.0
Affected_by_vulnerabilities
0
url VCID-2u8w-cy3j-9fen
vulnerability_id VCID-2u8w-cy3j-9fen
summary 
Out-of-bounds Write
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0800.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0800.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0800
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07234
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07365
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07278
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07256
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07311
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07338
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07335
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07323
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07313
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07243
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07239
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0800
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/496
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://gitlab.com/libtiff/libtiff/-/issues/496
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170167
reference_id 2170167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170167
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0800
reference_id CVE-2023-0800
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0800
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json
reference_id CVE-2023-0800.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0002/
reference_id ntap-20230316-0002
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:01:02Z/
url https://security.netapp.com/advisory/ntap-20230316-0002/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://access.redhat.com/errata/RHSA-2023:5353
reference_id RHSA-2023:5353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5353
25
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0800
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u8w-cy3j-9fen
1
url VCID-44ee-ueju-ykae
vulnerability_id VCID-44ee-ueju-ykae
summary libtiff: division by zero issues in tiffcrop
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2057.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2057.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2057
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25763
published_at 2026-04-21T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25862
published_at 2026-04-12T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25805
published_at 2026-04-13T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25808
published_at 2026-04-16T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.2579
published_at 2026-04-18T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25771
published_at 2026-04-07T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.25841
published_at 2026-04-08T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25893
published_at 2026-04-09T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25904
published_at 2026-04-11T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27786
published_at 2026-04-02T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27824
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2057
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/427
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/427
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
reference_id 1014494
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
reference_id 2103222
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2057
reference_id CVE-2022-2057
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2057
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2057.json
reference_id CVE-2022-2057.JSON
reference_type
scores
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2057.json
34
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
35
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
36
reference_url https://usn.ubuntu.com/5619-1/
reference_id USN-5619-1
reference_type
scores
url https://usn.ubuntu.com/5619-1/
fixed_packages
aliases CVE-2022-2057
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44ee-ueju-ykae
2
url VCID-44zu-mtmq-57cm
vulnerability_id VCID-44zu-mtmq-57cm
summary 
Out-of-bounds Write
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0801.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0801.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0801
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07234
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07365
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07278
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07256
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07311
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07338
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07335
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07323
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07313
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07243
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07239
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0801
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/498
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://gitlab.com/libtiff/libtiff/-/issues/498
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170172
reference_id 2170172
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170172
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0801
reference_id CVE-2023-0801
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0801
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json
reference_id CVE-2023-0801.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0002/
reference_id ntap-20230316-0002
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:00:40Z/
url https://security.netapp.com/advisory/ntap-20230316-0002/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://access.redhat.com/errata/RHSA-2023:5353
reference_id RHSA-2023:5353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5353
25
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0801
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44zu-mtmq-57cm
3
url VCID-48tr-y71p-7fbb
vulnerability_id VCID-48tr-y71p-7fbb
summary libtiff: Assertion fail in rotateImage() function at tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2520
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18005
published_at 2026-04-21T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.17962
published_at 2026-04-16T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.17973
published_at 2026-04-18T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18202
published_at 2026-04-02T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18256
published_at 2026-04-04T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.17957
published_at 2026-04-07T12:55:00Z
6
value 0.00058
scoring_system epss
scoring_elements 0.18043
published_at 2026-04-08T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18104
published_at 2026-04-09T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.18113
published_at 2026-04-11T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.1807
published_at 2026-04-12T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.1802
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2520
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/424
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/424
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
reference_id 1024670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2122792
reference_id 2122792
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2122792
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2520
reference_id CVE-2022-2520
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2520
33
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
34
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
35
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-2520
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-48tr-y71p-7fbb
4
url VCID-4egk-vvjq-dyhw
vulnerability_id VCID-4egk-vvjq-dyhw
summary 
Out-of-bounds Read
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0795.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0795
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02005
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0206
published_at 2026-04-21T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02015
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02012
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0203
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01999
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.01995
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01973
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01975
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0795
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/493
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://gitlab.com/libtiff/libtiff/-/issues/493
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170119
reference_id 2170119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170119
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0795
reference_id CVE-2023-0795
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0795
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json
reference_id CVE-2023-0795.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0003/
reference_id ntap-20230316-0003
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:12:34Z/
url https://security.netapp.com/advisory/ntap-20230316-0003/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0795
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4egk-vvjq-dyhw
5
url VCID-4pys-mah6-hfh6
vulnerability_id VCID-4pys-mah6-hfh6
summary 
Use After Free
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0799.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0799.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0799
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02715
published_at 2026-04-12T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02816
published_at 2026-04-21T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.0273
published_at 2026-04-04T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02737
published_at 2026-04-07T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.0274
published_at 2026-04-08T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.0276
published_at 2026-04-09T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02731
published_at 2026-04-11T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02712
published_at 2026-04-13T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02692
published_at 2026-04-16T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02702
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0799
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/494
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://gitlab.com/libtiff/libtiff/-/issues/494
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170162
reference_id 2170162
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170162
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0799
reference_id CVE-2023-0799
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0799
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json
reference_id CVE-2023-0799.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0003/
reference_id ntap-20230316-0003
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:34Z/
url https://security.netapp.com/advisory/ntap-20230316-0003/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0799
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4pys-mah6-hfh6
6
url VCID-4srx-3gbk-eqd3
vulnerability_id VCID-4srx-3gbk-eqd3
summary libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3626.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3626.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3626
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.10954
published_at 2026-04-13T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.10876
published_at 2026-04-07T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11009
published_at 2026-04-11T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.11006
published_at 2026-04-09T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.10952
published_at 2026-04-08T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.10977
published_at 2026-04-12T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11632
published_at 2026-04-21T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11505
published_at 2026-04-16T12:55:00Z
8
value 0.00039
scoring_system epss
scoring_elements 0.11509
published_at 2026-04-18T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12191
published_at 2026-04-02T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.12237
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3626
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142741
reference_id 2142741
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142741
29
reference_url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
reference_id 236b7191f04c60d09ee836ae13b50f812c841047
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T15:00:37Z/
url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
30
reference_url https://gitlab.com/libtiff/libtiff/-/issues/426
reference_id 426
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T15:00:37Z/
url https://gitlab.com/libtiff/libtiff/-/issues/426
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3626
reference_id CVE-2022-3626
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3626
32
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json
reference_id CVE-2022-3626.json
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T15:00:37Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json
33
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T15:00:37Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
34
reference_url https://security.netapp.com/advisory/ntap-20230110-0001/
reference_id ntap-20230110-0001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T15:00:37Z/
url https://security.netapp.com/advisory/ntap-20230110-0001/
35
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
36
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3626
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4srx-3gbk-eqd3
7
url VCID-6wzx-7a3m-ufhm
vulnerability_id VCID-6wzx-7a3m-ufhm
summary libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3627.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3627.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3627
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07606
published_at 2026-04-13T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.0762
published_at 2026-04-12T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07633
published_at 2026-04-11T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07614
published_at 2026-04-08T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.0815
published_at 2026-04-21T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.08007
published_at 2026-04-16T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07992
published_at 2026-04-18T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08413
published_at 2026-04-04T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.0836
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3627
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142742
reference_id 2142742
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142742
29
reference_url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
reference_id 236b7191f04c60d09ee836ae13b50f812c841047
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:56:43Z/
url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
30
reference_url https://gitlab.com/libtiff/libtiff/-/issues/411
reference_id 411
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:56:43Z/
url https://gitlab.com/libtiff/libtiff/-/issues/411
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3627
reference_id CVE-2022-3627
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3627
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json
reference_id CVE-2022-3627.json
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:56:43Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json
34
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:56:43Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
35
reference_url https://security.netapp.com/advisory/ntap-20230110-0001/
reference_id ntap-20230110-0001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T14:56:43Z/
url https://security.netapp.com/advisory/ntap-20230110-0001/
36
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
37
reference_url https://access.redhat.com/errata/RHSA-2023:2883
reference_id RHSA-2023:2883
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2883
38
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3627
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wzx-7a3m-ufhm
8
url VCID-76g4-kacn-7yg7
vulnerability_id VCID-76g4-kacn-7yg7
summary libtiff: Double free or corruption in rotateImage() function at tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2519
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31625
published_at 2026-04-21T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31678
published_at 2026-04-16T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31657
published_at 2026-04-18T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31775
published_at 2026-04-02T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31819
published_at 2026-04-04T12:55:00Z
5
value 0.00124
scoring_system epss
scoring_elements 0.31638
published_at 2026-04-07T12:55:00Z
6
value 0.00124
scoring_system epss
scoring_elements 0.31689
published_at 2026-04-08T12:55:00Z
7
value 0.00124
scoring_system epss
scoring_elements 0.31718
published_at 2026-04-09T12:55:00Z
8
value 0.00124
scoring_system epss
scoring_elements 0.31722
published_at 2026-04-11T12:55:00Z
9
value 0.00124
scoring_system epss
scoring_elements 0.31681
published_at 2026-04-12T12:55:00Z
10
value 0.00124
scoring_system epss
scoring_elements 0.31644
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2519
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/423
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/423
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
reference_id 1024670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2122789
reference_id 2122789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2122789
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2519
reference_id CVE-2022-2519
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2519
33
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
34
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
35
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-2519
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-76g4-kacn-7yg7
9
url VCID-8691-q4h3-eyaf
vulnerability_id VCID-8691-q4h3-eyaf
summary libtiff: division by zero issues in tiffcrop
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2058.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2058.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2058
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25763
published_at 2026-04-21T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25862
published_at 2026-04-12T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25805
published_at 2026-04-13T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25808
published_at 2026-04-16T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.2579
published_at 2026-04-18T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25771
published_at 2026-04-07T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.25841
published_at 2026-04-08T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25893
published_at 2026-04-09T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25904
published_at 2026-04-11T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27786
published_at 2026-04-02T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27824
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2058
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/428
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/428
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
reference_id 1014494
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
reference_id 2103222
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2058
reference_id CVE-2022-2058
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2058
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2058.json
reference_id CVE-2022-2058.JSON
reference_type
scores
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2058.json
34
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
35
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
36
reference_url https://usn.ubuntu.com/5619-1/
reference_id USN-5619-1
reference_type
scores
url https://usn.ubuntu.com/5619-1/
fixed_packages
aliases CVE-2022-2058
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8691-q4h3-eyaf
10
url VCID-ap6w-9c6j-akdp
vulnerability_id VCID-ap6w-9c6j-akdp
summary libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2521
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31625
published_at 2026-04-21T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31678
published_at 2026-04-16T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31657
published_at 2026-04-18T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31775
published_at 2026-04-02T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31819
published_at 2026-04-04T12:55:00Z
5
value 0.00124
scoring_system epss
scoring_elements 0.31638
published_at 2026-04-07T12:55:00Z
6
value 0.00124
scoring_system epss
scoring_elements 0.31689
published_at 2026-04-08T12:55:00Z
7
value 0.00124
scoring_system epss
scoring_elements 0.31718
published_at 2026-04-09T12:55:00Z
8
value 0.00124
scoring_system epss
scoring_elements 0.31722
published_at 2026-04-11T12:55:00Z
9
value 0.00124
scoring_system epss
scoring_elements 0.31681
published_at 2026-04-12T12:55:00Z
10
value 0.00124
scoring_system epss
scoring_elements 0.31644
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2521
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/422
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/422
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/378
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
reference_id 1024670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2122799
reference_id 2122799
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2122799
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2521
reference_id CVE-2022-2521
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2521
33
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
34
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
35
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-2521
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ap6w-9c6j-akdp
11
url VCID-b33v-b6h4-cqfe
vulnerability_id VCID-b33v-b6h4-cqfe
summary 
Out-of-bounds Write
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0804.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0804.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0804
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04817
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04959
published_at 2026-04-21T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.04842
published_at 2026-04-04T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0486
published_at 2026-04-07T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.04897
published_at 2026-04-11T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.04914
published_at 2026-04-09T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.04877
published_at 2026-04-12T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.04858
published_at 2026-04-13T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.04806
published_at 2026-04-16T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.04814
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0804
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/497
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://gitlab.com/libtiff/libtiff/-/issues/497
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170192
reference_id 2170192
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170192
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0804
reference_id CVE-2023-0804
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0804
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json
reference_id CVE-2023-0804.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBF3UUFSB6NB3NFTQSKOOIZGXJP3T34Z/
reference_id FBF3UUFSB6NB3NFTQSKOOIZGXJP3T34Z
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FBF3UUFSB6NB3NFTQSKOOIZGXJP3T34Z/
21
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://security.gentoo.org/glsa/202305-31
22
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
23
reference_url https://security.netapp.com/advisory/ntap-20230324-0009/
reference_id ntap-20230324-0009
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T14:46:45Z/
url https://security.netapp.com/advisory/ntap-20230324-0009/
24
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
25
reference_url https://access.redhat.com/errata/RHSA-2023:5353
reference_id RHSA-2023:5353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5353
26
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0804
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b33v-b6h4-cqfe
12
url VCID-cw7d-us77-2fhv
vulnerability_id VCID-cw7d-us77-2fhv
summary 
Out-of-bounds Read
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0796.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0796.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0796
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02005
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0206
published_at 2026-04-21T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02015
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02012
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0203
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01999
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.01995
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01973
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01975
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0796
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/499
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://gitlab.com/libtiff/libtiff/-/issues/499
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170146
reference_id 2170146
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170146
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0796
reference_id CVE-2023-0796
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0796
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json
reference_id CVE-2023-0796.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0003/
reference_id ntap-20230316-0003
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:11:08Z/
url https://security.netapp.com/advisory/ntap-20230316-0003/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0796
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cw7d-us77-2fhv
13
url VCID-e6c2-ajs1-abdz
vulnerability_id VCID-e6c2-ajs1-abdz
summary libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3599.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3599.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3599
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.10852
published_at 2026-04-07T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.10952
published_at 2026-04-12T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.10984
published_at 2026-04-11T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.10983
published_at 2026-04-09T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.10928
published_at 2026-04-13T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.11596
published_at 2026-04-21T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11468
published_at 2026-04-16T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.1147
published_at 2026-04-18T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12168
published_at 2026-04-02T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12214
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3599
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:34:19Z/
url https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142740
reference_id 2142740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142740
30
reference_url https://gitlab.com/libtiff/libtiff/-/issues/398
reference_id 398
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:34:19Z/
url https://gitlab.com/libtiff/libtiff/-/issues/398
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3599
reference_id CVE-2022-3599
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3599
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json
reference_id CVE-2022-3599.json
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:34:19Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json
34
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:34:19Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
35
reference_url https://security.netapp.com/advisory/ntap-20230110-0001/
reference_id ntap-20230110-0001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:34:19Z/
url https://security.netapp.com/advisory/ntap-20230110-0001/
36
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
37
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3599
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6c2-ajs1-abdz
14
url VCID-pnpt-r4ke-fufh
vulnerability_id VCID-pnpt-r4ke-fufh
summary 
Out-of-bounds Write
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0803.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0803.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0803
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07234
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07365
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07278
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07256
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07311
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07338
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07335
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07323
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07313
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07243
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07239
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0803
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/501
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://gitlab.com/libtiff/libtiff/-/issues/501
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170187
reference_id 2170187
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170187
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0803
reference_id CVE-2023-0803
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0803
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json
reference_id CVE-2023-0803.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0002/
reference_id ntap-20230316-0002
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:54:51Z/
url https://security.netapp.com/advisory/ntap-20230316-0002/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://access.redhat.com/errata/RHSA-2023:5353
reference_id RHSA-2023:5353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5353
25
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0803
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnpt-r4ke-fufh
15
url VCID-rmap-8g2y-abdc
vulnerability_id VCID-rmap-8g2y-abdc
summary libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3598.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3598.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3598
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11913
published_at 2026-04-02T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11827
published_at 2026-04-13T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11854
published_at 2026-04-12T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11893
published_at 2026-04-11T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11882
published_at 2026-04-09T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.1183
published_at 2026-04-08T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11959
published_at 2026-04-04T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11747
published_at 2026-04-07T12:55:00Z
8
value 0.00041
scoring_system epss
scoring_elements 0.12548
published_at 2026-04-21T12:55:00Z
9
value 0.00041
scoring_system epss
scoring_elements 0.1243
published_at 2026-04-16T12:55:00Z
10
value 0.00041
scoring_system epss
scoring_elements 0.12434
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3598
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142738
reference_id 2142738
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142738
29
reference_url https://gitlab.com/libtiff/libtiff/-/issues/435
reference_id 435
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:33:41Z/
url https://gitlab.com/libtiff/libtiff/-/issues/435
30
reference_url https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
reference_id cfbb883bf6ea7bedcb04177cc4e52d304522fdff
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:33:41Z/
url https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
31
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3598
reference_id CVE-2022-3598
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3598
32
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json
reference_id CVE-2022-3598.json
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:33:41Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json
33
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:33:41Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
34
reference_url https://security.netapp.com/advisory/ntap-20230110-0001/
reference_id ntap-20230110-0001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:33:41Z/
url https://security.netapp.com/advisory/ntap-20230110-0001/
35
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
36
reference_url https://usn.ubuntu.com/5705-1/
reference_id USN-5705-1
reference_type
scores
url https://usn.ubuntu.com/5705-1/
37
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3598
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmap-8g2y-abdc
16
url VCID-s95z-s4sd-cffs
vulnerability_id VCID-s95z-s4sd-cffs
summary libtiff: division by zero issues in tiffcrop
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2056.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2056.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2056
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25763
published_at 2026-04-21T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25862
published_at 2026-04-12T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25805
published_at 2026-04-13T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25808
published_at 2026-04-16T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.2579
published_at 2026-04-18T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25771
published_at 2026-04-07T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.25841
published_at 2026-04-08T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25893
published_at 2026-04-09T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25904
published_at 2026-04-11T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27786
published_at 2026-04-02T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27824
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2056
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/415
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/415
28
reference_url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/merge_requests/346
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
reference_id 1014494
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
reference_id 2103222
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2103222
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2056
reference_id CVE-2022-2056
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2056
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2056.json
reference_id CVE-2022-2056.JSON
reference_type
scores
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2056.json
34
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
35
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
36
reference_url https://usn.ubuntu.com/5619-1/
reference_id USN-5619-1
reference_type
scores
url https://usn.ubuntu.com/5619-1/
fixed_packages
aliases CVE-2022-2056
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s95z-s4sd-cffs
17
url VCID-tddn-m5ke-euas
vulnerability_id VCID-tddn-m5ke-euas
summary libtiff: A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34526.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34526.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34526
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42403
published_at 2026-04-21T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42499
published_at 2026-04-16T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42474
published_at 2026-04-18T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42465
published_at 2026-04-02T12:55:00Z
4
value 0.00203
scoring_system epss
scoring_elements 0.42495
published_at 2026-04-04T12:55:00Z
5
value 0.00203
scoring_system epss
scoring_elements 0.42433
published_at 2026-04-07T12:55:00Z
6
value 0.00203
scoring_system epss
scoring_elements 0.42484
published_at 2026-04-08T12:55:00Z
7
value 0.00203
scoring_system epss
scoring_elements 0.42493
published_at 2026-04-09T12:55:00Z
8
value 0.00203
scoring_system epss
scoring_elements 0.42516
published_at 2026-04-11T12:55:00Z
9
value 0.00203
scoring_system epss
scoring_elements 0.42479
published_at 2026-04-12T12:55:00Z
10
value 0.00203
scoring_system epss
scoring_elements 0.42449
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34526
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/issues/433
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/433
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2112756
reference_id 2112756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2112756
29
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34526
reference_id CVE-2022-34526
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-34526
31
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-34526
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tddn-m5ke-euas
18
url VCID-tfyj-y9q3-t3ar
vulnerability_id VCID-tfyj-y9q3-t3ar
summary libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2953
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04434
published_at 2026-04-21T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04346
published_at 2026-04-12T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04325
published_at 2026-04-13T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04297
published_at 2026-04-16T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04305
published_at 2026-04-18T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04318
published_at 2026-04-07T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04351
published_at 2026-04-08T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04366
published_at 2026-04-09T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04359
published_at 2026-04-11T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.0764
published_at 2026-04-02T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07683
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2953
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3
28
reference_url https://gitlab.com/libtiff/libtiff/-/issues/414
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/414
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
reference_id 1024670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2134432
reference_id 2134432
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2134432
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2953
reference_id CVE-2022-2953
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-2953
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json
reference_id CVE-2022-2953.JSON
reference_type
scores
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json
34
reference_url https://access.redhat.com/errata/RHSA-2023:0095
reference_id RHSA-2023:0095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0095
35
reference_url https://access.redhat.com/errata/RHSA-2023:0302
reference_id RHSA-2023:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0302
36
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-2953
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tfyj-y9q3-t3ar
19
url VCID-tg7w-mbkg-7uhj
vulnerability_id VCID-tg7w-mbkg-7uhj
summary 
Out-of-bounds Read
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0798.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0798
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02005
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0206
published_at 2026-04-21T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02015
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02012
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0203
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01999
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.01995
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01973
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01975
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/492
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://gitlab.com/libtiff/libtiff/-/issues/492
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170157
reference_id 2170157
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170157
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0798
reference_id CVE-2023-0798
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0798
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json
reference_id CVE-2023-0798.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0003/
reference_id ntap-20230316-0003
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:02:53Z/
url https://security.netapp.com/advisory/ntap-20230316-0003/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0798
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tg7w-mbkg-7uhj
20
url VCID-tgf9-ax81-fub4
vulnerability_id VCID-tgf9-ax81-fub4
summary libtiff: heap Buffer overflows in tiffcrop.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3570.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3570.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3570
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00645
published_at 2026-04-21T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00603
published_at 2026-04-18T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00597
published_at 2026-04-16T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.0062
published_at 2026-04-02T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00612
published_at 2026-04-04T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00614
published_at 2026-04-07T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00613
published_at 2026-04-08T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00607
published_at 2026-04-09T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00605
published_at 2026-04-11T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00602
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3570
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
28
reference_url https://gitlab.com/libtiff/libtiff/-/issues/381
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/381
29
reference_url https://gitlab.com/libtiff/libtiff/-/issues/386
reference_id
reference_type
scores
url https://gitlab.com/libtiff/libtiff/-/issues/386
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142734
reference_id 2142734
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142734
32
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3570
reference_id CVE-2022-3570
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3570
34
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json
reference_id CVE-2022-3570.JSON
reference_type
scores
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3570.json
35
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
36
reference_url https://usn.ubuntu.com/5705-1/
reference_id USN-5705-1
reference_type
scores
url https://usn.ubuntu.com/5705-1/
37
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3570
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tgf9-ax81-fub4
21
url VCID-vrtj-45t6-cqec
vulnerability_id VCID-vrtj-45t6-cqec
summary 
Out-of-bounds Write
A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30775.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-30775
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19575
published_at 2026-04-21T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19563
published_at 2026-04-18T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23281
published_at 2026-04-12T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23346
published_at 2026-04-02T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23297
published_at 2026-04-09T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23319
published_at 2026-04-11T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23223
published_at 2026-04-13T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.2324
published_at 2026-04-16T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.23385
published_at 2026-04-04T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23174
published_at 2026-04-07T12:55:00Z
10
value 0.00078
scoring_system epss
scoring_elements 0.23247
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-30775
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2187141
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-21T17:29:52Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2187141
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30775
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.com/libtiff/libtiff/-/issues/464
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-21T17:29:52Z/
url https://gitlab.com/libtiff/libtiff/-/issues/464
6
reference_url https://access.redhat.com/security/cve/CVE-2023-30775
reference_id CVE-2023-30775
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-21T17:29:52Z/
url https://access.redhat.com/security/cve/CVE-2023-30775
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-30775
reference_id CVE-2023-30775
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-30775
8
reference_url https://security.netapp.com/advisory/ntap-20230703-0002/
reference_id ntap-20230703-0002
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-21T17:29:52Z/
url https://security.netapp.com/advisory/ntap-20230703-0002/
9
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-30775
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrtj-45t6-cqec
22
url VCID-vu6r-464p-4ue3
vulnerability_id VCID-vu6r-464p-4ue3
summary 
Out-of-bounds Read
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4645.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4645.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4645
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01862
published_at 2026-04-02T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01921
published_at 2026-04-21T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01874
published_at 2026-04-07T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01877
published_at 2026-04-08T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01891
published_at 2026-04-09T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01876
published_at 2026-04-11T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01861
published_at 2026-04-12T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01856
published_at 2026-04-13T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01839
published_at 2026-04-16T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01837
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4645
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
28
reference_url https://gitlab.com/libtiff/libtiff/-/issues/277
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://gitlab.com/libtiff/libtiff/-/issues/277
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2176220
reference_id 2176220
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2176220
30
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZTFA6GGOKFPIQNHDBMXYUR4XUXUJESE/
reference_id 2ZTFA6GGOKFPIQNHDBMXYUR4XUXUJESE
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZTFA6GGOKFPIQNHDBMXYUR4XUXUJESE/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA6GRCAQ7NR2OK5N44UQRGUJBIYKWJJH/
reference_id BA6GRCAQ7NR2OK5N44UQRGUJBIYKWJJH
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BA6GRCAQ7NR2OK5N44UQRGUJBIYKWJJH/
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4645
reference_id CVE-2022-4645
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-4645
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json
reference_id CVE-2022-4645.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json
34
reference_url https://security.netapp.com/advisory/ntap-20230331-0001/
reference_id ntap-20230331-0001
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://security.netapp.com/advisory/ntap-20230331-0001/
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLM763GGZVVOAXIQXG6YGTYJ5VFYNECQ/
reference_id OLM763GGZVVOAXIQXG6YGTYJ5VFYNECQ
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T20:04:27Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLM763GGZVVOAXIQXG6YGTYJ5VFYNECQ/
36
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
37
reference_url https://access.redhat.com/errata/RHSA-2024:3059
reference_id RHSA-2024:3059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3059
fixed_packages
aliases CVE-2022-4645
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vu6r-464p-4ue3
23
url VCID-wza2-4rcj-hkcd
vulnerability_id VCID-wza2-4rcj-hkcd
summary 
Out-of-bounds Read
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0797.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0797
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02005
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.0206
published_at 2026-04-21T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02015
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02012
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0203
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01999
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.01995
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01973
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01975
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0797
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/495
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://gitlab.com/libtiff/libtiff/-/issues/495
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170151
reference_id 2170151
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170151
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0797
reference_id CVE-2023-0797
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0797
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json
reference_id CVE-2023-0797.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T19:03:19Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
23
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0797
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wza2-4rcj-hkcd
24
url VCID-x9xf-wuyn-6ffg
vulnerability_id VCID-x9xf-wuyn-6ffg
summary 
Out-of-bounds Write
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0802.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0802.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0802
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07234
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07365
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07278
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07256
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07311
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07338
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07335
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07323
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07313
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07243
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07239
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0802
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0796
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0797
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0798
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0799
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0800
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0801
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0802
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0803
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0804
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00
14
reference_url https://gitlab.com/libtiff/libtiff/-/issues/500
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://gitlab.com/libtiff/libtiff/-/issues/500
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
reference_id 1031632
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170178
reference_id 2170178
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170178
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0802
reference_id CVE-2023-0802
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-0802
18
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json
reference_id CVE-2023-0802.JSON
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json
19
reference_url https://www.debian.org/security/2023/dsa-5361
reference_id dsa-5361
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://www.debian.org/security/2023/dsa-5361
20
reference_url https://security.gentoo.org/glsa/202305-31
reference_id GLSA-202305-31
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://security.gentoo.org/glsa/202305-31
21
reference_url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
reference_id msg00026.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://lists.debian.org/debian-lts-announce/2023/02/msg00026.html
22
reference_url https://security.netapp.com/advisory/ntap-20230316-0002/
reference_id ntap-20230316-0002
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T18:59:46Z/
url https://security.netapp.com/advisory/ntap-20230316-0002/
23
reference_url https://access.redhat.com/errata/RHSA-2023:3711
reference_id RHSA-2023:3711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3711
24
reference_url https://access.redhat.com/errata/RHSA-2023:5353
reference_id RHSA-2023:5353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5353
25
reference_url https://usn.ubuntu.com/5923-1/
reference_id USN-5923-1
reference_type
scores
url https://usn.ubuntu.com/5923-1/
fixed_packages
0
url pkg:conan/libtiff@4.5.0
purl pkg:conan/libtiff@4.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4mhv-7vrm-v7hv
1
vulnerability VCID-6dt6-ppka-b3ct
2
vulnerability VCID-cwen-8yyj-x3aw
3
vulnerability VCID-ju1t-bhyh-v7du
4
vulnerability VCID-k8kt-55y9-qyac
5
vulnerability VCID-ndwc-beev-43ck
6
vulnerability VCID-xmwn-vxux-h7g3
7
vulnerability VCID-z1vf-mhw2-ducs
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0
aliases CVE-2023-0802
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9xf-wuyn-6ffg
25
url VCID-zwbu-yezc-4yck
vulnerability_id VCID-zwbu-yezc-4yck
summary libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3597.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3597
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07556
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07606
published_at 2026-04-13T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.0762
published_at 2026-04-12T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07633
published_at 2026-04-11T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07614
published_at 2026-04-08T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.0815
published_at 2026-04-21T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.08007
published_at 2026-04-16T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07992
published_at 2026-04-18T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.0836
published_at 2026-04-02T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08413
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3597
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281
26
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
reference_id 1022555
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555
28
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2142736
reference_id 2142736
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2142736
29
reference_url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
reference_id 236b7191f04c60d09ee836ae13b50f812c841047
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:48:53Z/
url https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
30
reference_url https://gitlab.com/libtiff/libtiff/-/issues/413
reference_id 413
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:48:53Z/
url https://gitlab.com/libtiff/libtiff/-/issues/413
31
reference_url https://security.archlinux.org/AVG-2842
reference_id AVG-2842
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2842
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3597
reference_id CVE-2022-3597
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-3597
33
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json
reference_id CVE-2022-3597.json
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:48:53Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json
34
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:48:53Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html
35
reference_url https://security.netapp.com/advisory/ntap-20230110-0001/
reference_id ntap-20230110-0001
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:48:53Z/
url https://security.netapp.com/advisory/ntap-20230110-0001/
36
reference_url https://access.redhat.com/errata/RHSA-2023:2340
reference_id RHSA-2023:2340
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2340
37
reference_url https://usn.ubuntu.com/5714-1/
reference_id USN-5714-1
reference_type
scores
url https://usn.ubuntu.com/5714-1/
fixed_packages
aliases CVE-2022-3597
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwbu-yezc-4yck
Fixing_vulnerabilities
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0