Vulnerabilities > Libtiff > Libtiff > 4.4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-10 | CVE-2023-1916 | Out-of-bounds Read vulnerability in Libtiff A flaw was found in tiffcrop, a program distributed by the libtiff package. | 6.1 |
2023-01-23 | CVE-2022-48281 | Out-of-bounds Write vulnerability in multiple products processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. | 5.5 |
2022-10-21 | CVE-2022-3570 | Out-of-bounds Write vulnerability in multiple products Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | 5.5 |
2022-08-31 | CVE-2022-2519 | Double Free vulnerability in multiple products There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 | 6.5 |
2022-08-31 | CVE-2022-2520 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in libtiff 4.4.0rc1. | 6.5 |
2022-08-31 | CVE-2022-2521 | Release of Invalid Pointer or Reference vulnerability in multiple products It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. | 6.5 |
2022-07-29 | CVE-2022-34526 | Out-of-bounds Write vulnerability in multiple products A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. | 6.5 |
2022-06-30 | CVE-2022-2056 | Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
2022-06-30 | CVE-2022-2057 | Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |
2022-06-30 | CVE-2022-2058 | Divide By Zero vulnerability in multiple products Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. | 6.5 |