AVG-2721 log
| Package | libtiff |
| Status | Vulnerable |
| Severity | Medium |
| Type | denial of service |
| Affected | 4.3.0-2 |
| Fixed | Unknown |
| Current | 4.7.0-1 [extra] |
| Ticket | FS#74772 |
| Created | Mon May 16 19:21:54 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-1355 | Medium | No | Denial of service | A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp... |
| CVE-2022-1354 | Low | No | Denial of service | A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file... |
| References |
|---|
https://security.archlinux.org/CVE-2022-1354 https://security.archlinux.org/CVE-2022-1355 |
| Notes |
|---|
https://bugs.archlinux.org/task/74772 |