JLSEC-2025-311

See a problem?
Please try reporting it to the source first.

Source

https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-311.md

Import Source

https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-311.json

JSON Data

https://api.test.osv.dev/v1/vulns/JLSEC-2025-311

Upstream

CVE-2022-40090

Published

2025-11-25T22:18:43.603Z

Modified

2025-11-25T22:47:57.039171Z

Summary

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause...

Details

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

Database specific

{
    "sources": [
        {
            "modified": "2024-11-21T07:20:50.103Z",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40090",
            "published": "2023-08-22T19:16:23.943Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-40090",
            "imported": "2025-11-25T21:56:30.666Z",
            "id": "CVE-2022-40090"
        }
    ],
    "license": "CC-BY-4.0"
}

References

Affected packages

Julia / Libtiff_jll

Package

Name: Libtiff_jll
Purl: pkg:julia/Libtiff_jll?uuid=89763e89-9b03-5906-acba-b20f662cd828

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0+0

Database specific

source

"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-311.json"