Astra Linux - уязвимость в tiff

Libtiff 4.5.0 is vulnerable to a Buffer Overflow issue through /libtiff/tools/tiffcrop.c:8499. Incorrect updates to the buffer size after the rotateImage function in tiffcrop cause a Heap-Buffer-Overflow and Segmentation Fault...

CVE-2022-40842

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery SSRF via rotateimg.php...

libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.

...

SUSE CVE-2022-2519

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1...

libtiff: Double free or corruption in rotateImage() function at tiffcrop.c

A double-free flaw was found in the tiffcrop tool distributed with the libtiff tools package. The double-free issue leads to a denial of service, impacting the availability...

libtiff: Assertion fail in rotateImage() function at tiffcrop.c

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input...

libtiff: Assertion fail in rotateImage() function at tiffcrop.c

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input...

NdkAdvancedCustomizationFields 代码问题漏洞

NdkAdvancedCustomizationFields is an advanced customization field from Ndk. A server-side request forgery vulnerability exists in NdkAdvancedCustomizationFields 3.5.0 and prior versions, which stems from rotateimg.php failing to properly validate user input. An attacker could use this vulnerabili...

ALPINE-CVE-2022-2519

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1...

DEBIAN-CVE-2022-2519

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1...

DEBIAN-CVE-2022-2520

A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input...

LibTIFF 安全漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for working with TIFF files.A denial of service vulnerability exists in LibTIFF version 4.4.0rc1, which stems from a failed sysmalloc assertion in rotateImage in...

Uzbey: SQL Injection

https://staging.uzbey.com/rotate-image?fid=2841+and+substringversion,1,1=4 FALSE https://staging.uzbey.com/rotate-image?fid=2841+and+substringversion,1,1=5 TRUE https://staging.uzbey.com/rotate-image?fid=2841+and+1=1+order+by+1-- TRUE...