High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-25	CVE-2023-52355	Out-of-bounds Write vulnerability in multiple products An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. network low complexity libtiff redhat CWE-787	7.5
2024-01-25	CVE-2023-52356	Out-of-bounds Write vulnerability in multiple products A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. network low complexity libtiff redhat CWE-787	7.5
2023-06-14	CVE-2023-25434	Classic Buffer Overflow vulnerability in Libtiff 4.5.0 libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. network low complexity libtiff CWE-120	8.8
2022-11-13	CVE-2022-3970	Numeric Errors vulnerability in multiple products A vulnerability was found in LibTIFF. network low complexity libtiff netapp debian apple CWE-189	8.8
2022-03-10	CVE-2022-0891	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact network low complexity libtiff debian fedoraproject netapp CWE-787	7.1
2021-03-09	CVE-2020-35524	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. local low complexity libtiff debian fedoraproject netapp redhat CWE-787	7.8
2021-03-09	CVE-2020-35523	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. local low complexity libtiff debian netapp redhat CWE-190	7.8
2019-10-14	CVE-2019-17546	Integer Overflow or Wraparound vulnerability in multiple products tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition. network low complexity libtiff osgeo CWE-190	8.8
2019-03-21	CVE-2017-16232	Missing Release of Resource after Effective Lifetime vulnerability in multiple products LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. network low complexity libtiff opensuse suse CWE-772	7.5
2019-01-11	CVE-2019-6128	Memory Leak vulnerability in multiple products The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. network low complexity libtiff canonical opensuse debian CWE-401	8.8