vulnerability
Amazon Linux 2023: CVE-2022-2057: Important priority package update for libtiff
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Jun 30, 2022 | Feb 17, 2025 | Jul 9, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Jun 30, 2022
Added
Feb 17, 2025
Modified
Jul 9, 2025
Description
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file.
A divide-by-zero vulnerability was found in libtiff. This flaw allows an attacker to cause a denial of service via a crafted tiff file.
Solutions
amazon-linux-2023-upgrade-libtiffamazon-linux-2023-upgrade-libtiff-debuginfoamazon-linux-2023-upgrade-libtiff-debugsourceamazon-linux-2023-upgrade-libtiff-develamazon-linux-2023-upgrade-libtiff-staticamazon-linux-2023-upgrade-libtiff-toolsamazon-linux-2023-upgrade-libtiff-tools-debuginfo
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.