Vulnerabilities > Libtiff

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3626 Out-of-bounds Write vulnerability in Libtiff
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff CWE-787
6.5
2022-10-21 CVE-2022-3627 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-787
6.5
2022-08-31 CVE-2022-1354 Out-of-bounds Read vulnerability in multiple products
A heap buffer overflow flaw was found in Libtiff's tiffinfo.c in the TIFFReadRawDataStriped() function.
5.5
2022-08-31 CVE-2022-1355 Stack-based Buffer Overflow vulnerability in multiple products
A stack buffer overflow flaw was found in Libtiff's tiffcp.c in the main() function.
6.1
2022-08-31 CVE-2022-2519 Double Free vulnerability in multiple products
There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1.
network
low complexity
libtiff debian CWE-415
6.5
2022-08-31 CVE-2022-2520 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in libtiff 4.4.0rc1.
network
low complexity
libtiff debian CWE-131
6.5
2022-08-31 CVE-2022-2521 Release of Invalid Pointer or Reference vulnerability in multiple products
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
network
low complexity
libtiff debian CWE-763
6.5
2022-08-29 CVE-2022-2953 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp debian CWE-125
5.5
2022-08-17 CVE-2022-2867 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
libtiff's tiffcrop utility has a uint32_t underflow that can lead to an out-of-bounds read and write.
local
low complexity
libtiff fedoraproject debian CWE-191
5.5
2022-08-17 CVE-2022-2868 Improper Validation of Specified Quantity in Input vulnerability in multiple products
libtiff's tiffcrop utility has an improper input validation flaw that can lead to an out-of-bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
local
low complexity
libtiff fedoraproject debian CWE-1284
5.5