Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3599 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-125
6.5
6.5
2022-10-21 CVE-2022-3626 Out-of-bounds Write vulnerability in Libtiff
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff CWE-787
6.5
6.5
2022-10-21 CVE-2022-3627 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-787
6.5
6.5
2022-08-31 CVE-2022-1354 Out-of-bounds Read vulnerability in multiple products
A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. 		5.5
5.5
2022-08-31 CVE-2022-1355 Stack-based Buffer Overflow vulnerability in multiple products
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. 		6.1
6.1
2022-08-31 CVE-2022-2519 Double Free vulnerability in multiple products
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1
network
low complexity
libtiff debian CWE-415
6.5
6.5
2022-08-31 CVE-2022-2520 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in libtiff 4.4.0rc1.
network
low complexity
libtiff debian CWE-131
6.5
6.5
2022-08-31 CVE-2022-2521 Release of Invalid Pointer or Reference vulnerability in multiple products
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
network
low complexity
libtiff debian CWE-763
6.5
6.5
2022-08-29 CVE-2022-2953 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp debian CWE-125
5.5
5.5
2022-08-17 CVE-2022-2867 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write.
local
low complexity
libtiff fedoraproject debian CWE-191
5.5
5.5