Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libtiff vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2869
libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file wi...
Libtiff Libtiff
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-34526
A stack overflow exists in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
Libtiff Libtiff 4.4.0
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-34266
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows malicious users to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the ...
Libtiff Libtiff 4.0.3-35
4.3
CVSSv2
CVE-2022-2056
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Libtiff Libtiff 4.4.0
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2022-2057
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Libtiff Libtiff 4.4.0
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2022-2058
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Libtiff Libtiff 4.4.0
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2022-1622
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
Libtiff Libtiff 4.3.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
Apple Iphone Os
Apple Macos
Apple Watchos
Apple Tvos
4.3
CVSSv2
CVE-2022-1623
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
Libtiff Libtiff 4.3.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Ontap Select Deploy Administration Utility -
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been...
Libtiff Libtiff 4.3.0
Netapp Ontap Select Deploy Administration Utility -
4.3
CVSSv2
CVE-2022-1056
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows malicious users to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
Libtiff Libtiff 4.3.0
Netapp Active Iq Unified Manager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »