{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","type":"conan","namespace":"","name":"libtiff","version":"4.4.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.1","latest_non_vulnerable_version":"4.5.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44446?format=json","vulnerability_id":"VCID-2chc-4dg7-eyah","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/498","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/498"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0801","reference_id":"CVE-2023-0801","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0801"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json","reference_id":"CVE-2023-0801.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2chc-4dg7-eyah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44431?format=json","vulnerability_id":"VCID-2q3f-jw6b-w7dp","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/495","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/495"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0797","reference_id":"CVE-2023-0797","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0797"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json","reference_id":"CVE-2023-0797.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0797"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2q3f-jw6b-w7dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44445?format=json","vulnerability_id":"VCID-6daw-xvw5-tyfw","summary":"Use After Free\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/494","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/494"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0799","reference_id":"CVE-2023-0799","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0799"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json","reference_id":"CVE-2023-0799.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0799"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6daw-xvw5-tyfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44576?format=json","vulnerability_id":"VCID-6rz4-7zc4-bfcd","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/277","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/277"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4645","reference_id":"CVE-2022-4645","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4645"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json","reference_id":"CVE-2022-4645.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json"}],"fixed_packages":[],"aliases":["CVE-2022-4645"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rz4-7zc4-bfcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44437?format=json","vulnerability_id":"VCID-bhkq-eqaw-1fba","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/496","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/496"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0800","reference_id":"CVE-2023-0800","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0800"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json","reference_id":"CVE-2023-0800.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0800"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhkq-eqaw-1fba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44430?format=json","vulnerability_id":"VCID-ccsd-p6nq-93ae","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/500","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/500"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0802","reference_id":"CVE-2023-0802","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0802"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json","reference_id":"CVE-2023-0802.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0802"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccsd-p6nq-93ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44435?format=json","vulnerability_id":"VCID-n6xy-jdpr-tfbq","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/493","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/493"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0795","reference_id":"CVE-2023-0795","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0795"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json","reference_id":"CVE-2023-0795.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0795"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xy-jdpr-tfbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44439?format=json","vulnerability_id":"VCID-pnp2-whuf-w3d7","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/497","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/497"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0804","reference_id":"CVE-2023-0804","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0804"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json","reference_id":"CVE-2023-0804.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnp2-whuf-w3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44440?format=json","vulnerability_id":"VCID-rben-hn5u-kqdh","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/492","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/492"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0798","reference_id":"CVE-2023-0798","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0798"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json","reference_id":"CVE-2023-0798.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0798"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rben-hn5u-kqdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44443?format=json","vulnerability_id":"VCID-tynz-dfpk-6kgb","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/501","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/501"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0803","reference_id":"CVE-2023-0803","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0803"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json","reference_id":"CVE-2023-0803.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0803"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tynz-dfpk-6kgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45239?format=json","vulnerability_id":"VCID-xms6-c2j7-hfh8","summary":"Out-of-bounds Write\nA vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.","references":[{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187141","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187141"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/464","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/464"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-30775","reference_id":"CVE-2023-30775","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-30775"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30775","reference_id":"CVE-2023-30775","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30775"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-30775"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xms6-c2j7-hfh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44434?format=json","vulnerability_id":"VCID-yfgk-2pdu-w3gc","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/499","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/499"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0796","reference_id":"CVE-2023-0796","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0796"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json","reference_id":"CVE-2023-0796.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/63671?format=json","purl":"pkg:conan/libtiff@4.5.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8pzd-tzc6-w7a8"},{"vulnerability":"VCID-arvt-qqf4-wbg2"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-dgyb-2jpx-7ber"},{"vulnerability":"VCID-g46h-2sqe-xkbk"},{"vulnerability":"VCID-q39u-5dd6-qyd2"},{"vulnerability":"VCID-trbp-mf1m-6kbm"},{"vulnerability":"VCID-y3yu-p8ng-buhc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.5.0"}],"aliases":["CVE-2023-0796"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfgk-2pdu-w3gc"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3174?format=json","vulnerability_id":"VCID-2z91-euur-mkg6","summary":"","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/410","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/410"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1622","reference_id":"CVE-2022-1622","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1622"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json","reference_id":"CVE-2022-1622.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-1622"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2z91-euur-mkg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4923?format=json","vulnerability_id":"VCID-9fb5-82gn-c7em","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/393","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/393"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/310","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/310"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0909","reference_id":"CVE-2022-0909","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0909"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json","reference_id":"CVE-2022-0909.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0909"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fb5-82gn-c7em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3173?format=json","vulnerability_id":"VCID-9vzm-g4pv-dkga","summary":"","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/410","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/410"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1623","reference_id":"CVE-2022-1623","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1623"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json","reference_id":"CVE-2022-1623.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-1623"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vzm-g4pv-dkga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42794?format=json","vulnerability_id":"VCID-anfx-xj8v-kfg8","summary":"Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/391","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/391"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/307","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/307"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1056","reference_id":"CVE-2022-1056","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1056"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json","reference_id":"CVE-2022-1056.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-1056"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-anfx-xj8v-kfg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4926?format=json","vulnerability_id":"VCID-b1uw-w9nk-v3ht","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/380","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/380"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/382","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/382"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0891","reference_id":"CVE-2022-0891","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0891"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json","reference_id":"CVE-2022-0891.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0891"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1uw-w9nk-v3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4928?format=json","vulnerability_id":"VCID-gh3j-c1nj-sfby","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/362","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/362"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0562","reference_id":"CVE-2022-0562","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0562"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json","reference_id":"CVE-2022-0562.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0562"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gh3j-c1nj-sfby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4921?format=json","vulnerability_id":"VCID-hbjb-er6u-37dz","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/355","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/355"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/287","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/287"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22844","reference_id":"CVE-2022-22844","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-22844"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbjb-er6u-37dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45902?format=json","vulnerability_id":"VCID-hhgz-j76b-k7d4","summary":"Loop with Unreachable Exit Condition ('Infinite Loop')\nAn issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/455","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/455"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/386","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/386"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40090","reference_id":"CVE-2022-40090","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40090"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-40090"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhgz-j76b-k7d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4927?format=json","vulnerability_id":"VCID-jm7h-py2k-c7ha","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/385","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/385"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/306","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/306"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0865","reference_id":"CVE-2022-0865","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0865"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json","reference_id":"CVE-2022-0865.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0865"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7h-py2k-c7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4929?format=json","vulnerability_id":"VCID-nrc9-7pss-6bgh","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/362","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/362"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0561","reference_id":"CVE-2022-0561","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0561"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json","reference_id":"CVE-2022-0561.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0561"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrc9-7pss-6bgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4924?format=json","vulnerability_id":"VCID-r2hy-dcn6-kfb8","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/383","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/383"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0908","reference_id":"CVE-2022-0908","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0908"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json","reference_id":"CVE-2022-0908.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0908"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2hy-dcn6-kfb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4925?format=json","vulnerability_id":"VCID-ugr8-526g-5uhc","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/392","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/392"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/314","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/314"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0907","reference_id":"CVE-2022-0907","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0907"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json","reference_id":"CVE-2022-0907.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0907"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugr8-526g-5uhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4922?format=json","vulnerability_id":"VCID-wxte-z2qm-xues","summary":"multiple issues","references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/278","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/278"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/311","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/311"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0924","reference_id":"CVE-2022-0924","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0924"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json","reference_id":"CVE-2022-0924.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-0924"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxte-z2qm-xues"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42835?format=json","vulnerability_id":"VCID-yx35-45k4-2yaf","summary":"Uncontrolled Resource Consumption\nA vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the public and may be used.","references":[{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/402","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/402"},{"reference_url":"https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/uploads/c3da94e53cf1e1e8e6d4d3780dc8c42f/example.tiff"},{"reference_url":"https://vuldb.com/?id.196363","reference_id":"","reference_type":"","scores":[],"url":"https://vuldb.com/?id.196363"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1210","reference_id":"CVE-2022-1210","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1210"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/60116?format=json","purl":"pkg:conan/libtiff@4.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2chc-4dg7-eyah"},{"vulnerability":"VCID-2q3f-jw6b-w7dp"},{"vulnerability":"VCID-6daw-xvw5-tyfw"},{"vulnerability":"VCID-6rz4-7zc4-bfcd"},{"vulnerability":"VCID-bhkq-eqaw-1fba"},{"vulnerability":"VCID-ccsd-p6nq-93ae"},{"vulnerability":"VCID-n6xy-jdpr-tfbq"},{"vulnerability":"VCID-pnp2-whuf-w3d7"},{"vulnerability":"VCID-rben-hn5u-kqdh"},{"vulnerability":"VCID-tynz-dfpk-6kgb"},{"vulnerability":"VCID-xms6-c2j7-hfh8"},{"vulnerability":"VCID-yfgk-2pdu-w3gc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}],"aliases":["CVE-2022-1210"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yx35-45k4-2yaf"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libtiff@4.4.0"}