VulnerableCode Package Details - pkg:rpm/redhat/libtiff@4.0.9-26?arch=el8_7

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:rpm/redhat/libtiff@4.0.9-26?arch=el8_7

Essentials
History (10)

purl	pkg:rpm/redhat/libtiff@4.0.9-26?arch=el8_7

Next non-vulnerable version	None.
Latest non-vulnerable version	None.
Risk	3.0

Vulnerabilities affecting this package (10)

Vulnerability	Summary	Fixed by
VCID-44ee-ueju-ykae Aliases: CVE-2022-2057	libtiff: division by zero issues in tiffcrop	There are no reported fixed by versions.
VCID-48tr-y71p-7fbb Aliases: CVE-2022-2520	libtiff: Assertion fail in rotateImage() function at tiffcrop.c	There are no reported fixed by versions.
VCID-6kck-g3z6-cuge Aliases: CVE-2022-2867	libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c	There are no reported fixed by versions.
VCID-76g4-kacn-7yg7 Aliases: CVE-2022-2519	libtiff: Double free or corruption in rotateImage() function at tiffcrop.c	There are no reported fixed by versions.
VCID-8691-q4h3-eyaf Aliases: CVE-2022-2058	libtiff: division by zero issues in tiffcrop	There are no reported fixed by versions.
VCID-ap6w-9c6j-akdp Aliases: CVE-2022-2521	libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c	There are no reported fixed by versions.
VCID-ruhz-ty5e-nkgr Aliases: CVE-2022-2869	libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits()	There are no reported fixed by versions.
VCID-s95z-s4sd-cffs Aliases: CVE-2022-2056	libtiff: division by zero issues in tiffcrop	There are no reported fixed by versions.
VCID-tfyj-y9q3-t3ar Aliases: CVE-2022-2953	libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c	There are no reported fixed by versions.
VCID-vzr7-wz88-h7gx Aliases: CVE-2022-2868	libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()	There are no reported fixed by versions.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T14:00:55.504275+00:00	RedHat Importer	Affected by	VCID-vzr7-wz88-h7gx	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2868.json	38.0.0
2026-04-01T14:00:38.652001+00:00	RedHat Importer	Affected by	VCID-ruhz-ty5e-nkgr	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2869.json	38.0.0
2026-04-01T14:00:38.616396+00:00	RedHat Importer	Affected by	VCID-6kck-g3z6-cuge	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2867.json	38.0.0
2026-04-01T13:58:26.971844+00:00	RedHat Importer	Affected by	VCID-ap6w-9c6j-akdp	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json	38.0.0
2026-04-01T13:58:26.927551+00:00	RedHat Importer	Affected by	VCID-48tr-y71p-7fbb	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json	38.0.0
2026-04-01T13:58:26.882301+00:00	RedHat Importer	Affected by	VCID-76g4-kacn-7yg7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json	38.0.0
2026-04-01T13:58:03.871992+00:00	RedHat Importer	Affected by	VCID-8691-q4h3-eyaf	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2058.json	38.0.0
2026-04-01T13:58:03.827954+00:00	RedHat Importer	Affected by	VCID-44ee-ueju-ykae	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2057.json	38.0.0
2026-04-01T13:58:03.783227+00:00	RedHat Importer	Affected by	VCID-s95z-s4sd-cffs	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2056.json	38.0.0
2026-04-01T13:57:20.989363+00:00	RedHat Importer	Affected by	VCID-tfyj-y9q3-t3ar	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json	38.0.0