AZL-43891 CVE-2023-52356 affecting package openjpeg2 2.3.1-12

🗓️ 25 Jan 2024 20:15:39Reported by GoogleType

osv🔗 osv.dev👁 4 Views

SEGV in libtiff from crafted TIFF via TIFFReadRGBATileExt(), causing heap-buffer overflow and denial of service.

Reporter	Title	Published	Views	Family All 239
IBM Security Bulletins	Security Bulletin: IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data is affected by multiple vulnerabilities.	19 Feb 202617:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Oct 2024	14 Oct 202416:40	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance	22 Apr 202612:26	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	9 Oct 202409:25	–	ibm
ATTACKERKB	CVE-2023-52356	25 Jan 202420:15	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2024-525)	20 Feb 202400:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0237: libtiff (ALINUX3-SA-2024:0237)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0181: libtiff (ALINUX3-SA-2025:0181)	17 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libtiff (ALSA-2024:5079)	8 Aug 202400:00	–	nessus
Tenable Nessus	AlmaLinux 10 : libtiff (ALSA-2026:7081)	10 Apr 202600:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-52356

21 Apr 2026 04:31Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.17.5

EPSS0.00717