Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff libtiff 4.3.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-3164
A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows malicious users to cause a denial of service via a crafted tiff file.
Libtiff Libtiff
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2022-2869
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file wi...
Libtiff Libtiff
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.1
CVSSv3
CVE-2022-0891
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows malicious user to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or ...
Libtiff Libtiff
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Active Iq Unified Manager -
5.5
CVSSv3
CVE-2022-0908
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
Libtiff Libtiff
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
5.5
CVSSv3
CVE-2022-0562
Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 5615...
Libtiff Libtiff
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
5.5
CVSSv3
CVE-2022-0561
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commi...
Libtiff Libtiff
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
5.5
CVSSv3
CVE-2022-1354
A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an malicious user to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of serv...
Libtiff Libtiff
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2022-1355
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an malicious user to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a d...
Libtiff Libtiff
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Ontap Select Deploy Administration Utility -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2