CVE-2020-35522

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

History

30 Jul 2022, 03:48

Type Values Removed Values Added
CPE cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBYFMX3D5VGR6Y3RXTTH3Q4NF4E6IG/ - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20210521-0009/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20210521-0009/ - Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/202104-06 - (GENTOO) https://security.gentoo.org/glsa/202104-06 - Third Party Advisory

21 May 2021, 09:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210521-0009/ -

Information

Published : 2021-03-09 20:15

Updated : 2024-02-04 21:23


NVD link : CVE-2020-35522

Mitre link : CVE-2020-35522

CVE.ORG link : CVE-2020-35522


JSON object : View

Products Affected

netapp

  • ontap_select_deploy_administration_utility

fedoraproject

  • fedora

libtiff

  • libtiff

redhat

  • enterprise_linux
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer