CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-0562 – libtiff: Null source pointer lead to Denial of Service via crafted TIFF file
https://notcve.org/view.php?id=CVE-2022-0562
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c. Un puntero fuente null pasado como argumento a la función memcpy() dentro de TIFFReadDirectory() en tif_dirread.c en libtiff versiones desde la 4.0 hasta 4.3.0, podría conllevar a una denegación de servicio por medio de un archivo TIFF diseñado. Para usuarios que compilan libtiff a partir de las fuentes, una corrección está disponible con el commit 561599c A flaw was found in libtiff where a NULL source pointer passed as an argument to the memcpy() function within the TIFFReadDirectory() in tif_dirread.c. This flaw allows an attacker to exploit this vulnerability via a crafted TIFF file, causing a crash and leading to a denial of service. • https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json https://gitlab.com/libtiff/libtiff/-/issues/362 https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory/ • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 755EXPL: 0CVE-2021-0127
https://notcve.org/view.php?id=CVE-2021-0127
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. Una administración no suficiente del flujo de control en algunos procesadores Intel(R) puede permitir a un usuario autenticado habilitar potencialmente una denegación de servicio por acceso local • https://security.netapp.com/advisory/ntap-20220210-0008 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1CVE-2022-0391 – python: urllib.parse does not sanitize URLs containing ASCII newline and tabs
https://notcve.org/view.php?id=CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. • https://bugs.python.org/issue43882 https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U https://security.gentoo.org/glsa/202305-02 https://security.netapp.com/advisory/ntap-20220225-0009 https://www.oracle.com/security-alerts/cpuapr2022.html https://access. • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2022-23852 – expat: Integer overflow in function XML_GetBuffer
https://notcve.org/view.php?id=CVE-2022-23852
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. Expat (también se conoce como libexpat) versiones anteriores a 2.4.4, presenta un desbordamiento de enteros con signo en la función XML_GetBuffer, para configuraciones con un XML_CONTEXT_BYTES no nulo expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity. • https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf https://github.com/libexpat/libexpat/pull/550 https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html https://security.gentoo.org/glsa/202209-24 https://security.netapp.com/advisory/ntap-20220217-0001 https://www.debian.org/security/2022/dsa-5073 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.tenable.com/security/tns-2022-05 https://access.redhat.com/security/cve/CVE-2022-23852 https& • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 2CVE-2022-22844 – libtiff: out-of-bounds read in _TIFFmemcpy() in tif_unix.c
https://notcve.org/view.php?id=CVE-2022-22844
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. LibTIFF versión 4.3.0, presenta una lectura fuera de límites en la función _TIFFmemcpy en el archivo tif_unix.c en determinadas situaciones que implican una etiqueta personalizada y 0x0200 como la segunda palabra del campo DE A buffer overflow vulnerability was found in libtiff. This flaw allows an attacker with network access to pass specially crafted files, causing an application to halt or crash. The root cause of this issue was from the memcpy function in tif_unix.c. • https://gitlab.com/libtiff/libtiff/-/issues/355 https://gitlab.com/libtiff/libtiff/-/merge_requests/287 https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html https://security.gentoo.org/glsa/202210-10 https://security.netapp.com/advisory/ntap-20220311-0002 https://www.debian.org/security/2022/dsa-5108 https://access.redhat.com/security/cve/CVE-2022-22844 https://bugzilla.redhat.com/show_bug.cgi?id=2042603 • CWE-125: Out-of-bounds Read •