Vulnerabilities > Libtiff > Libtiff > 3.7.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2022-48281 | Out-of-bounds Write vulnerability in multiple products processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. | 5.5 |
| 2022-10-21 | CVE-2022-3597 | Out-of-bounds Write vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3598 | Out-of-bounds Write vulnerability in Libtiff LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3599 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3626 | Out-of-bounds Write vulnerability in Libtiff LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-10-21 | CVE-2022-3627 | Out-of-bounds Write vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
| 2022-08-31 | CVE-2022-1354 | Out-of-bounds Read vulnerability in multiple products A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. | 5.5 |
| 2022-08-31 | CVE-2022-1355 | Stack-based Buffer Overflow vulnerability in multiple products A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. | 6.1 |
| 2022-08-29 | CVE-2022-2953 | Out-of-bounds Read vulnerability in multiple products LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. | 5.5 |
| 2022-08-17 | CVE-2022-2867 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. | 5.5 |