Vulnerabilities > Libtiff > Libtiff > 4.4.0

DATE CVE VULNERABILITY TITLE RISK
2023-04-10 CVE-2023-1916 Out-of-bounds Read vulnerability in Libtiff
A flaw was found in tiffcrop, a program distributed by the libtiff package.
local
low complexity
libtiff CWE-125
6.1
6.1
2023-01-23 CVE-2022-48281 Out-of-bounds Write vulnerability in multiple products
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.
local
low complexity
libtiff debian CWE-787
5.5
5.5
2022-10-21 CVE-2022-3570 Out-of-bounds Write vulnerability in multiple products
Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
local
low complexity
libtiff debian CWE-787
5.5
5.5
2022-08-31 CVE-2022-2519 Double Free vulnerability in multiple products
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
network
low complexity
libtiff debian CWE-415
6.5
6.5
2022-08-31 CVE-2022-2520 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in libtiff 4.4.0rc1.
network
low complexity
libtiff debian CWE-131
6.5
6.5
2022-08-31 CVE-2022-2521 Release of Invalid Pointer or Reference vulnerability in multiple products
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
network
low complexity
libtiff debian CWE-763
6.5
6.5
2022-07-29 CVE-2022-34526 Out-of-bounds Write vulnerability in multiple products
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0.
network
low complexity
libtiff fedoraproject netapp debian CWE-787
6.5
6.5
2022-06-30 CVE-2022-2056 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5
2022-06-30 CVE-2022-2057 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5
2022-06-30 CVE-2022-2058 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5