Description
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
Published: 2022-03-11
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-5108-1 tiff security update
EUVD EUVD EUVD-2022-15939 Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
Ubuntu USN Ubuntu USN USN-5523-1 LibTIFF vulnerabilities
Ubuntu USN Ubuntu USN USN-5523-2 LibTIFF vulnerabilities
History

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00071}

 epss

{'score': 0.00058}

Subscriptions

Debian Debian Linux
Fedoraproject Fedora
Libtiff Libtiff
Netapp Ontap Select Deploy Administration Utility
Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2024-08-02T23:47:42.113Z

Reserved: 2022-03-10T00:00:00.000Z

Link: CVE-2022-0909

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-11T18:15:28.047

Modified: 2024-11-21T06:39:38.960

Link: CVE-2022-0909

cve-icon Redhat

Severity : Low

Publid Date: 2022-03-11T00:00:00Z

Links: CVE-2022-0909 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses