Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-adgf-gyyp-9ubc

Summary Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.

Aliases

alias	CVE-2010-2065

Fixed_packages

url	pkg:deb/debian/tiff@3.9.4-1?distro=trixie
purl	pkg:deb/debian/tiff@3.9.4-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-5zvp-ysut-juep

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-6v96-k8cs-13f7

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-anfx-xj8v-kfg8

vulnerability	VCID-c7nt-5d64-kkev

vulnerability	VCID-d52s-g5c7-qka3

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-gyvd-4m8g-jkdu

vulnerability	VCID-hhgz-j76b-k7d4

vulnerability	VCID-kxdc-8rht-vfdy

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-nwgs-pqj7-xkbs

vulnerability	VCID-su9v-ewt3-6ua8

vulnerability	VCID-xg35-8jbc-wqa4

vulnerability	VCID-xms6-c2j7-hfh8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-5zvp-ysut-juep

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-6v96-k8cs-13f7

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-c7nt-5d64-kkev

vulnerability	VCID-cpk7-uyvf-3kb6

vulnerability	VCID-d52s-g5c7-qka3

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-gyvd-4m8g-jkdu

vulnerability	VCID-kxdc-8rht-vfdy

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-nwgs-pqj7-xkbs

vulnerability	VCID-su9v-ewt3-6ua8

vulnerability	VCID-xg35-8jbc-wqa4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5qdp-vzrd-uqgc

vulnerability	VCID-6hf4-rc1a-pbg6

vulnerability	VCID-92dt-g6m8-fufk

vulnerability	VCID-fbks-9s7e-wfcj

vulnerability	VCID-n3p5-9ykg-sufd

vulnerability	VCID-su9v-ewt3-6ua8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

url	pkg:ebuild/media-libs/tiff@4.0.2-r1
purl	pkg:ebuild/media-libs/tiff@4.0.2-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/tiff@4.0.2-r1

Affected_packages

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2065.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2065.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2065

reference_id

reference_type

scores

value	0.02797
scoring_system	epss
scoring_elements	0.86376
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2065

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=601274
reference_id	601274
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=601274

reference_url	https://security.gentoo.org/glsa/201209-02
reference_id	GLSA-201209-02
reference_type
scores
url	https://security.gentoo.org/glsa/201209-02

Weaknesses

cwe_id	190
name	Integer Overflow or Wraparound
description	The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adgf-gyyp-9ubc

Vulnerability Instance