Skip to main content

Divide By Zero

CVE-2022-2057

Severity Medium
Score 6.5/10

Summary

Divide By Zero error in 'tiffcrop' in libtiff- versions prior to 4.5.0rc1 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010. This has the same fix as CVE-2022-2056 and CVE-2022-2058.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • HIGH

CWE-369 - Divide By Zero

The product divides a value by zero.

Advisory Timeline

  • Published