Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/60115?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/60115?format=api", "purl": "pkg:conan/libtiff@4.3.0", "type": "conan", "namespace": "", "name": "libtiff", "version": "4.3.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.5.1", "latest_non_vulnerable_version": "4.5.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3174?format=api", "vulnerability_id": "VCID-2z91-euur-mkg6", "summary": "", "references": [ { "reference_url": "https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/410" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1622", "reference_id": "CVE-2022-1622", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1622" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json", "reference_id": "CVE-2022-1622.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-1622" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2z91-euur-mkg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4923?format=api", "vulnerability_id": "VCID-9fb5-82gn-c7em", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/393" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/310" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0909", "reference_id": "CVE-2022-0909", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0909" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json", "reference_id": "CVE-2022-0909.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0909" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fb5-82gn-c7em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3173?format=api", "vulnerability_id": "VCID-9vzm-g4pv-dkga", "summary": "", "references": [ { "reference_url": "https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/410" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1623", "reference_id": "CVE-2022-1623", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1623" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json", "reference_id": "CVE-2022-1623.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-1623" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9vzm-g4pv-dkga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42794?format=api", "vulnerability_id": "VCID-anfx-xj8v-kfg8", "summary": "Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.", "references": [ { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/391" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/307" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1056", "reference_id": "CVE-2022-1056", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1056" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json", "reference_id": "CVE-2022-1056.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-1056" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-anfx-xj8v-kfg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4926?format=api", "vulnerability_id": "VCID-b1uw-w9nk-v3ht", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/380" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/382" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0891", "reference_id": "CVE-2022-0891", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0891" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json", "reference_id": "CVE-2022-0891.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0891" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1uw-w9nk-v3ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4928?format=api", "vulnerability_id": "VCID-gh3j-c1nj-sfby", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0562", "reference_id": "CVE-2022-0562", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0562" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json", "reference_id": "CVE-2022-0562.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0562" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gh3j-c1nj-sfby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4921?format=api", "vulnerability_id": "VCID-hbjb-er6u-37dz", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/355" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/287" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22844", "reference_id": "CVE-2022-22844", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22844" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-22844" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbjb-er6u-37dz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4927?format=api", "vulnerability_id": "VCID-jm7h-py2k-c7ha", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/385" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/306" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0865", "reference_id": "CVE-2022-0865", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0865" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json", "reference_id": "CVE-2022-0865.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0865" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7h-py2k-c7ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4929?format=api", "vulnerability_id": "VCID-nrc9-7pss-6bgh", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/362" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0561", "reference_id": "CVE-2022-0561", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0561" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json", "reference_id": "CVE-2022-0561.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0561" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrc9-7pss-6bgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4924?format=api", "vulnerability_id": "VCID-r2hy-dcn6-kfb8", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/383" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0908", "reference_id": "CVE-2022-0908", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0908" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json", "reference_id": "CVE-2022-0908.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0908" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r2hy-dcn6-kfb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4925?format=api", "vulnerability_id": "VCID-ugr8-526g-5uhc", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/392" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/314", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/314" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0907", "reference_id": "CVE-2022-0907", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0907" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json", "reference_id": "CVE-2022-0907.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0907" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugr8-526g-5uhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4922?format=api", "vulnerability_id": "VCID-wxte-z2qm-xues", "summary": "multiple issues", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/278" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/311" }, { "reference_url": "https://security.archlinux.org/ASA-202204-6", "reference_id": "ASA-202204-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202204-6" }, { "reference_url": "https://security.archlinux.org/AVG-2658", "reference_id": "AVG-2658", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2658" }, { "reference_url": "https://security.archlinux.org/AVG-2659", "reference_id": "AVG-2659", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2659" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0924", "reference_id": "CVE-2022-0924", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0924" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json", "reference_id": "CVE-2022-0924.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-0924" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxte-z2qm-xues" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42835?format=api", "vulnerability_id": "VCID-yx35-45k4-2yaf", "summary": "Uncontrolled Resource Consumption\nA vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.", "references": [ { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/402" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff" }, { "reference_url": "https://vuldb.com/?id.196363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://vuldb.com/?id.196363" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1210", "reference_id": "CVE-2022-1210", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1210" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60116?format=api", "purl": "pkg:conan/libtiff@4.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2chc-4dg7-eyah" }, { "vulnerability": "VCID-2q3f-jw6b-w7dp" }, { "vulnerability": "VCID-6daw-xvw5-tyfw" }, { "vulnerability": "VCID-6rz4-7zc4-bfcd" }, { "vulnerability": "VCID-bhkq-eqaw-1fba" }, { "vulnerability": "VCID-ccsd-p6nq-93ae" }, { "vulnerability": "VCID-n6xy-jdpr-tfbq" }, { "vulnerability": "VCID-pnp2-whuf-w3d7" }, { "vulnerability": "VCID-rben-hn5u-kqdh" }, { "vulnerability": "VCID-tynz-dfpk-6kgb" }, { "vulnerability": "VCID-xms6-c2j7-hfh8" }, { "vulnerability": "VCID-yfgk-2pdu-w3gc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0" } ], "aliases": [ "CVE-2022-1210" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yx35-45k4-2yaf" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45236?format=api", "vulnerability_id": "VCID-c9w3-hck6-q3g1", "summary": "Out-of-bounds Write\nA vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.", "references": [ { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187139" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/463" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-30774", "reference_id": "CVE-2023-30774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/CVE-2023-30774" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30774", "reference_id": "CVE-2023-30774", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30774" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/60115?format=api", "purl": "pkg:conan/libtiff@4.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2z91-euur-mkg6" }, { "vulnerability": "VCID-9fb5-82gn-c7em" }, { "vulnerability": "VCID-9vzm-g4pv-dkga" }, { "vulnerability": "VCID-anfx-xj8v-kfg8" }, { "vulnerability": "VCID-b1uw-w9nk-v3ht" }, { "vulnerability": "VCID-gh3j-c1nj-sfby" }, { "vulnerability": "VCID-hbjb-er6u-37dz" }, { "vulnerability": "VCID-jm7h-py2k-c7ha" }, { "vulnerability": "VCID-nrc9-7pss-6bgh" }, { "vulnerability": "VCID-r2hy-dcn6-kfb8" }, { "vulnerability": "VCID-ugr8-526g-5uhc" }, { "vulnerability": "VCID-wxte-z2qm-xues" }, { "vulnerability": "VCID-yx35-45k4-2yaf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.3.0" } ], "aliases": [ "CVE-2023-30774" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9w3-hck6-q3g1" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.3.0" }