Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2023-52356 - CERT CVE
CVE-2023-52356
ID
CVE-2023-52356
Sažetak
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Reference
https://access.redhat.com/errata/RHSA-2024:5079
https://access.redhat.com/errata/RHSA-2025:20801
https://access.redhat.com/errata/RHSA-2025:21994
https://access.redhat.com/errata/RHSA-2025:23078
https://access.redhat.com/errata/RHSA-2025:23079
https://access.redhat.com/errata/RHSA-2025:23080
https://access.redhat.com/errata/RHSA-2026:16174
https://access.redhat.com/errata/RHSA-2026:25096
https://access.redhat.com/errata/RHSA-2026:3461
https://access.redhat.com/errata/RHSA-2026:3462
https://access.redhat.com/errata/RHSA-2026:5958
https://access.redhat.com/errata/RHSA-2026:7081
https://access.redhat.com/errata/RHSA-2026:7304
https://access.redhat.com/errata/RHSA-2026:7335
https://access.redhat.com/errata/RHSA-2026:8746
https://access.redhat.com/errata/RHSA-2026:8747
https://access.redhat.com/errata/RHSA-2026:8748
https://access.redhat.com/security/cve/CVE-2023-52356
https://bugzilla.redhat.com/show_bug.cgi?id=2251344
https://gitlab.com/libtiff/libtiff/-/issues/622
https://gitlab.com/libtiff/libtiff/-/merge_requests/546
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
http://seclists.org/fulldisclosure/2024/Jul/23
https://access.redhat.com/security/cve/CVE-2023-52356
https://bugzilla.redhat.com/show_bug.cgi?id=2251344
https://gitlab.com/libtiff/libtiff/-/issues/622
https://gitlab.com/libtiff/libtiff/-/merge_requests/546
https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html
https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html
https://support.apple.com/kb/HT214116
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120
https://support.apple.com/kb/HT214122
https://support.apple.com/kb/HT214123
https://support.apple.com/kb/HT214124
CVSS
Base:
7.5
Impact:
3.6
Exploitability:
3.9
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
NONE
HIGH
CVSS vektor
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje
10-06-2026 - 18:16
Objavljeno
25-01-2024 - 20:15
