4 matches found
BELL-CVE-2022-34266 CVE-2022-34266 does not affect BellSoft software
Bulletin has no description...
CVE-2022-34266
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service application crash, a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset function within...
CVE-2022-34266
LibTIFF (libtiff) is affected by CVE-2022-34266 and related CVEs in the same family. CVE-2022-34266 arises when processing a crafted TIFF file: an invalid range passed to memset() in TIFFFetchStripThing() (tif_dirread.c) can cause a segfault after using an uninitialized resource, leading to a cra...
Amazon Linux 2 : libtiff (ALAS-2022-1814)
The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1814 advisory. A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy function within the...