NULL Pointer Dereference

🗓️ 14 Feb 2022 12:56:55Reported by Veracode Vulnerability DatabaseType

libtiff.so vulnerability in TIFFReadDirectory functio

Reporter	Title	Published	Views	Family All 210
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in LibTIFF	30 Jan 202316:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance may be vulnerable to denial of service due to CVE-2022-0562	1 Dec 202217:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.	2 Feb 202303:37	–	ibm
ATTACKERKB	CVE-2022-34266	19 Jul 202220:15	–	attackerkb
Tenable Nessus	Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-049)	6 Sep 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : libtiff, libtiff-devel, libtiff-static (ALAS2022-2022-194)	4 Nov 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-050)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libtiff (ALAS-2022-1799)	7 Jun 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libtiff (ALAS-2022-1814)	15 Jul 202200:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libtiff (ALAS-2022-1625)	5 Aug 202200:00	–	nessus

Vulners

Node

golang tiffMatch4.1.0-r0cpp

AND

golang tiffMatch4.2.0-r0cpp

AND

golang tiffMatch4.3.0-r0cpp

AND

golang tiffMatch4.2.0-r1cpp

AND

golang tiffMatch4.3.0-r0cpp

AND

golang tiffMatch4.2.0-r1cpp

AND

golang tiffMatch4.2.0-r0cpp

AND

golang tiffMatch4.1.0-r2cpp

AND

libtiff.so libtiff.soRange4.1.3–4.2.1cpp

libtiff libtiffMatch4.0.3_32.el7

libtiff libtiffMatch4.0.9_17.el8

libtiff libtiffMatch4.0.3_35.el7

libtiff libtiffMatch4.0.9_18.el8

libtiff libtiffMatch4.0.9_15.el8

libtiff libtiffMatch4.0.9_13.el8

libtiff libtiffMatch4.0.9_21.el8

libtiff libtiffMatch4.0.9_20.el8

Source	Link
gitlab	www.gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json
gitlab	www.gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b
gitlab	www.gitlab.com/libtiff/libtiff/-/issues/362
lists	www.lists.debian.org/debian-lts-announce/2022/03/msg00001.html
debian	www.debian.org/security/2022/dsa-5108
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/
security	www.security.gentoo.org/glsa/202210-10
security	www.security.netapp.com/advisory/ntap-20220318-0001/

07 Nov 2023 22:30Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.15.5

CVSS 24.3

EPSS0.00035