Published: 14/06/2023 Updated: 01/08/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

loadImage() in tools/tiffcrop.c in LibTIFF up to and including 4.5.0 has a heap-based use after free via a crafted TIFF image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libtiff libtiff

Synopsis Low: Logging Subsystem 581- Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...

Synopsis Moderate: libtiff security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for libtiff is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a se ...

The DumpModeDecode function in libtiff 406 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image (CVE-2016-5321) A divide-by-zero vulnerability was found in libtiff This flaw allows an attacker to cause a denial of service via a crafted tiff file (CVE-2022-2056) loadImage() in tools/tiffcro ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-787 https://gitlab.com/libtiff/libtiff/-/merge_requests/472 https://security.netapp.com/advisory/ntap-20230706-0009/https://lists.debian.org/debian-lts-announce/2023/07/msg00034.html https://access.redhat.com/errata/RHSA-2023:7720 https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-11 https://alas.aws.amazon.com/AL2/ALAS-2023-2263.html

CVE-2023-26965

Vulnerability Summary

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect