Vulnerabilities > Libtiff > Libtiff > 3.5.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-21 | CVE-2022-3598 | Out-of-bounds Write vulnerability in Libtiff LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3599 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3626 | Out-of-bounds Write vulnerability in Libtiff LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3627 | Out-of-bounds Write vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-08-31 | CVE-2022-1354 | Out-of-bounds Read vulnerability in multiple products A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. | 5.5 |
| 2022-08-31 | CVE-2022-1355 | Stack-based Buffer Overflow vulnerability in multiple products A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. | 6.1 |
| 2022-08-29 | CVE-2022-2953 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
| 2022-03-11 | CVE-2022-0908 | NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file. | 5.5 |
| 2021-03-09 | CVE-2020-35524 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. | 7.8 |
| 2021-03-09 | CVE-2020-35523 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. | 7.8 |