VulnerableCode Package Details - pkg:alpm/archlinux/lib32-libtiff@4.3.0-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-25fx-7kmb-fqhm Aliases: CVE-2022-0924	Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-4mq7-s2p6-yufr Aliases: CVE-2022-0907	Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-5mak-1mkk-wkdg Aliases: CVE-2022-0561	NULL Pointer Dereference Null source pointer passed as an argument to `memcpy()` function within `TIFFFetchStripThing()` in `tif_dirread.c` in libtiff could lead to Denial of Service via crafted TIFF file.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-gmhp-4yx2-gfbv Aliases: CVE-2022-0909	Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-h6gn-kv5x-bbd5 Aliases: CVE-2022-0891	Out-of-bounds Write A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out-of-bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-kpq7-5vsv-pucy Aliases: CVE-2022-0908	NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-mhwh-tsst-cfaj Aliases: CVE-2022-22844	Out-of-bounds Read LibTIFF has an out-of-bounds read in `_TIFFmemcpy` in `tif_unix.c` in certain situations involving a custom tag and `0x0200` as the second word of the `DE` field.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-qsrb-hf2u-tudp Aliases: CVE-2022-0562	NULL Pointer Dereference Null source pointer passed as an argument to memcpy() function within `TIFFReadDirectory()` in `tif_dirread.c` in libtiff versions from to could lead to Denial of Service via a crafted TIFF file.	4.3.0-2 Affected by 0 other vulnerabilities.
VCID-zedn-437q-47b2 Aliases: CVE-2022-0865	Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.	4.3.0-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-25fx-7kmb-fqhm
Aliases:
CVE-2022-0924

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.