CVE-2022-3570

Source
https://cve.org/CVERecord?id=CVE-2022-3570
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3570.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-3570
Downstream
Related
Published
2022-10-21T00:00:00Z
Modified
2026-07-07T08:38:31.248486899Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

Database specific
{
    "cna_assigner": "GitLab",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3570.json"
}
References

Affected packages

Git / gitlab.com/libtiff/libtiff

Affected ranges

Type
GIT
Repo
https://gitlab.com/libtiff/libtiff
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "3.9.0"
        },
        {
            "last_affected": "4.4.0"
        }
    ],
    "cpe": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3570.json"