5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%
libtiff.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a buffer overflow when reading a file with multiple IFD which causes a memory corruption resulting in an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | le | 5.7.0 | |
libtiff.so | le | 5.7.0 |
libtiff-release-v4-0-7.com
tiffcp.com
github.com/advisories/GHSA-9489-j7g7-5xg4
github.com/libsdl-org/libtiff/commit/5e18004500cda10d9074bdb6166b054e95b659ed
gitlab.com/libtiff/libtiff/-/issues/538
gitlab.com/libtiff/libtiff/-/merge_requests/306
security-tracker.debian.org/tracker/CVE-2023-30086
security.netapp.com/advisory/ntap-20230616-0003/
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.3%