Vulnerabilities > Libtiff > Libtiff > 3.8.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2020-35523 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. | 7.8 |
| 2021-03-09 | CVE-2020-35522 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. | 5.5 |
| 2021-03-09 | CVE-2020-35521 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in libtiff. | 5.5 |
| 2020-02-12 | CVE-2014-8128 | Out-of-bounds Write vulnerability in Libtiff LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. | 4.3 |
| 2019-10-14 | CVE-2019-17546 | Integer Overflow or Wraparound vulnerability in multiple products tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition. | 8.8 |
| 2019-08-14 | CVE-2019-14973 | Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. | 6.5 |
| 2018-05-10 | CVE-2018-10963 | Reachable Assertion vulnerability in multiple products The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. | 4.3 |
| 2018-05-08 | CVE-2018-10801 | Missing Release of Resource after Effective Lifetime vulnerability in Libtiff 3.8.2 TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff. | 4.3 |
| 2018-05-07 | CVE-2018-10779 | Out-of-bounds Read vulnerability in multiple products TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. | 4.3 |
| 2018-03-12 | CVE-2016-5314 | Out-of-bounds Write vulnerability in multiple products Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. | 6.8 |