Filtered by vendor Libtiff Subscriptions
Total 251 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-26965 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 5.5 Medium
loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.
CVE-2023-25434 1 Libtiff 1 Libtiff 2024-11-21 8.8 High
libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
CVE-2023-1916 1 Libtiff 1 Libtiff 2024-11-21 6.1 Medium
A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.
CVE-2023-0804 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVE-2023-0803 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVE-2023-0802 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVE-2023-0801 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVE-2023-0800 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVE-2023-0799 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVE-2023-0798 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVE-2023-0797 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVE-2023-0796 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVE-2023-0795 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVE-2022-4645 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
CVE-2022-48281 3 Debian, Libtiff, Redhat 3 Debian Linux, Libtiff, Enterprise Linux 2024-11-21 5.5 Medium
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.
CVE-2022-40090 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.5 Medium
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.
CVE-2022-3970 5 Apple, Debian, Libtiff and 2 more 8 Ipados, Iphone Os, Macos and 5 more 2024-11-21 6.3 Medium
A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 227500897dfb07fb7d27f7aa570050e62617e3be. It is recommended to apply a patch to fix this issue. The identifier VDB-213549 was assigned to this vulnerability.
CVE-2022-3627 4 Debian, Libtiff, Netapp and 1 more 4 Debian Linux, Libtiff, Active Iq Unified Manager and 1 more 2024-11-21 5.5 Medium
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVE-2022-3626 4 Debian, Libtiff, Netapp and 1 more 4 Debian Linux, Libtiff, Active Iq Unified Manager and 1 more 2024-11-21 5.5 Medium
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.
CVE-2022-3599 4 Debian, Libtiff, Netapp and 1 more 4 Debian Linux, Libtiff, Active Iq Unified Manager and 1 more 2024-11-21 5.5 Medium
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.