{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-3316", "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "state": "PUBLISHED", "assignerShortName": "JFROG", "dateReserved": "2023-06-19T10:42:23.466Z", "datePublished": "2023-06-19T11:10:41.964Z", "dateUpdated": "2025-11-03T20:35:32.533Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "libtiff", "vendor": "libtiff", "versions": [{"lessThan": "4.5.1", "status": "affected", "version": "3.9.0", "versionType": "git"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.</p>"}], "value": "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG", "dateUpdated": "2023-08-01T01:06:12.691Z"}, "references": [{"url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/"}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/515"}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}], "source": {"discovery": "EXTERNAL"}, "title": "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones."}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/515", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:35:32.533Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-09T21:09:26.352495Z", "id": "CVE-2023-3316", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-09T21:09:56.669Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/515", "tags": ["x_transferred"]}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:35:32.533Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-09T21:09:26.352495Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-09T21:09:39.716Z"}}], "cna": {"title": "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", "source": {"discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "libtiff", "product": "libtiff", "versions": [{"status": "affected", "version": "3.9.0", "lessThan": "4.5.1", "versionType": "git"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/"}, {"url": "https://gitlab.com/libtiff/libtiff/-/issues/515"}, {"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", "supportingMedia": [{"type": "text/html", "value": "<p>A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference"}]}], "providerMetadata": {"orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "shortName": "JFROG", "dateUpdated": "2023-08-01T01:06:12.691Z"}}}, "cveMetadata": {"cveId": "CVE-2023-3316", "state": "PUBLISHED", "dateUpdated": "2025-11-03T20:35:32.533Z", "dateReserved": "2023-06-19T10:42:23.466Z", "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d", "datePublished": "2023-06-19T11:10:41.964Z", "assignerShortName": "JFROG"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*", "matchCriteriaId": "CC4766C9-CC7C-4BA6-9426-D6AD059AEF4F", "versionEndExcluding": "4.5.1", "versionStartIncluding": "3.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones."}], "id": "CVE-2023-3316", "lastModified": "2025-11-03T21:15:59.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "reefs@jfrog.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-06-19T12:15:09.520", "references": [{"source": "reefs@jfrog.com", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/515"}, {"source": "reefs@jfrog.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468"}, {"source": "reefs@jfrog.com", "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}, {"source": "reefs@jfrog.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/issues/515"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00019.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/"}], "sourceIdentifier": "reefs@jfrog.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "reefs@jfrog.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:6575", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libtiff-0:4.4.0-10.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}], "bugzilla": {"description": "libtiff: tiffcrop: null pointer dereference in TIFFClose()", "id": "2216080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216080"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.", "A flaw was found in LibTiff. A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones."], "name": "CVE-2023-3316", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2023-06-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-3316\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3316"], "statement": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-476: NULL Pointer Dereference vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nThe platform incorporates secure engineering principles and controls to enforce secure coding practices, including proper memory handling and error checking, reducing the likelihood of null pointer dereference vulnerabilities. Coding standards, tools, and processes support early detection and prevention of memory-related flaws. Static code analysis identifies null dereference and related issues during development, while system monitoring detects memory errors and anomalous behavior in the event of exploitation. Additionally, the platform leverages memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against memory-related vulnerabilities.", "threat_severity": "Moderate"}

{}