Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2022-34266

🗓️ 19 Jul 2022 19:34:39Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 138 Views

The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c

Related
Detection
Refs
Social
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2022-34266
19 Jul 202220:15
attackerkb
Tenable Nessus		Amazon Linux 2 : libtiff (ALAS-2022-1814)
15 Jul 202200:00
nessus
Tenable Nessus		SUSE SLES12 Security Update : tiff (SUSE-SU-2022:3679-1)
21 Oct 202200:00
nessus
Tenable Nessus		SUSE SLED15: libtiff-devel / libtiff-devel-32bit / libtiff5 / libtiff5-32bit / etc (SUSE-SU-2022:3690-1)
22 Oct 202200:00
nessus
Amazon		Medium: libtiff
7 Jun 202200:00
amazon
Amazon		Medium: libtiff
15 Jul 202200:00
amazon
AlpineLinux		CVE-2022-34266
19 Jul 202219:34
alpinelinux
BDU FSTEC		The vulnerability of the TIFFFetchStripThing() function in the LibTIFF library on Amazon Linux systems allows a hacker to trigger a service failure.
15 Aug 202200:00
bdu_fstec
Circl		CVE-2022-34266
20 Jul 202200:41
circl
CNNVD		Silicon Graphics LibTIFF 安全漏洞
19 Jul 202200:00
cnnvd
Rows per page
NVD
Node
libtifflibtiffMatch4.0.3-35
AND
amazonamazon_linuxMatch-

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Jun 2026 04:50Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.15.5
EPSS0.00253
CWE-908
libtifflibtiffamazon linux 2cve-2022-34266denial of serviceapplication crashvulnerabilitytiffmemset()tif_dirread.cnvd
138